CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-7544
https://notcve.org/view.php?id=CVE-2018-7544
A cross-protocol scripting issue was discovered in the management interface in OpenVPN through 2.4.5. When this interface is enabled over TCP without a password, and when no other clients are connected to this interface, attackers can execute arbitrary management commands, obtain sensitive information, or cause a denial of service (SIGTERM) by triggering XMLHttpRequest actions in a web browser. This is demonstrated by a multipart/form-data POST to http://localhost:23000 with a "signal SIGTERM" command in a TEXTAREA element. NOTE: The vendor disputes that this is a vulnerability. They state that this is the result of improper configuration of the OpenVPN instance rather than an intrinsic vulnerability, and now more explicitly warn against such configurations in both the management-interface documentation, and with a runtime warning ** EN DISPUTA ** Se ha descubierto un problema en la interfaz de gestión en OpenVPN hasta la versión 2.4.5. • http://blog.0xlabs.com/2018/03/openvpn-remote-information-disclosure.html • CWE-134: Use of Externally-Controlled Format String •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-12166
https://notcve.org/view.php?id=CVE-2017-12166
OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. OpenVPN en versiones anteriores a la 2.3.3 y en versiones 2.4.x anteriores a la 2.4.4 es vulnerable a undesbordamiento de búfer cuando se utiliza key-method 1, lo que puede provocar la ejecución de código. • http://www.securityfocus.com/bid/101153 http://www.securitytracker.com/id/1039470 https://community.openvpn.net/openvpn/wiki/CVE-2017-12166 https://lists.debian.org/debian-lts-announce/2022/05/msg00002.html • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0CVE-2017-7508
https://notcve.org/view.php?id=CVE-2017-7508
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet. Las versiones anteriores a 2.4.3 y anterior a 2.3.17 de OpenVPN, son vulnerables a la denegación de servicio remota cuando se reciben paquetes IPv6 malformados. • http://www.debian.org/security/2017/dsa-3900 http://www.securityfocus.com/bid/99230 http://www.securitytracker.com/id/1038768 https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243 • CWE-617: Reachable Assertion •
CVSS: 7.4EPSS: 0%CPEs: 9EXPL: 0CVE-2017-7520
https://notcve.org/view.php?id=CVE-2017-7520
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker. Las versiones anteriores a 2.4.3 y anterior a 2.3.17 de OpenVPN, son vulnerables a la denegación de servicio y/o posiblemente a la pérdida de memoria confidencial activada por un atacante de tipo man-in-the-middle. • http://www.debian.org/security/2017/dsa-3900 http://www.securityfocus.com/bid/99230 http://www.securitytracker.com/id/1038768 https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243 • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 1%CPEs: 9EXPL: 0CVE-2017-7521
https://notcve.org/view.php?id=CVE-2017-7521
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension(). Las versiones de OpenVPN anteriores a 2.4.3 y 2.3.17, son vulnerables a una denegación de servicio remota debido a un agotamiento de memoria causado por pérdida de memoria y un problema de doble liberación (Double Free) en la función extract_x509_extension(). • http://www.debian.org/security/2017/dsa-3900 http://www.securityfocus.com/bid/99230 http://www.securitytracker.com/id/1038768 https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243 • CWE-400: Uncontrolled Resource Consumption CWE-415: Double Free CWE-772: Missing Release of Resource after Effective Lifetime •