Page 3 of 16 results (0.007 seconds)

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

Cross-site request forgery (CSRF) vulnerability in the Admin web interface in OpenVPN Access Server before 1.8.5 allows remote attackers to hijack the authentication of administrators for requests that create administrative users. Vulnerabilidad de CSRF en la interfaz Admin web en OpenVPN Access Server anterior a 1.8.5 permite a atacantes remotos secuestrar la autenticación de administradores para solicitudes que crean usuarios administrativos. • http://openvpn.net/index.php/access-server/download-openvpn-as-sw/531-release-notes-v185.html http://osvdb.org/93111 http://secunia.com/advisories/52802 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 2.6EPSS: 0%CPEs: 16EXPL: 1

The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher. La función openvpn_decrypt en el archivo crypto.c en OpenVPN versiones 2.3.0 y anteriores, cuando se ejecuta en modo UDP, permite a los atacantes remotos obtener información confidencial por medio de un ataque de sincronización que implica una función de comparación HMAC que no se ejecuta en tiempo constante y un ataque de tipo padding oracle en el cifrado en modo CBC. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105568.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105609.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00012.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00016.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:167 http://www.openwall.com/lists/oss-security/2013/05/06/6 https://bugs.gentoo.org/show_bug.cgi?id=468756 https://bugzilla.redhat.com/show_ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.0EPSS: 1%CPEs: 85EXPL: 0

OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service. • http://openvpn.net/man.html http://www.osvdb.org/25660 http://www.securityfocus.com/archive/1/432863/100/0/threaded http://www.securityfocus.com/archive/1/432867/100/0/threaded http://www.securityfocus.com/archive/1/433000/100/0/threaded •

CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 0

OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable. • http://openvpn.net/changelog.html http://secunia.com/advisories/19531 http://secunia.com/advisories/19598 http://secunia.com/advisories/19837 http://secunia.com/advisories/19897 http://sourceforge.net/mailarchive/forum.php?thread_id=10093825&forum_id=8482 http://www.debian.org/security/2006/dsa-1045 http://www.mandriva.com/security/advisories?name=MDKSA-2006:069 http://www.novell.com/linux/security/advisories/2006_04_28.html http://www.osreviews.net/reviews/security/openvpn-print& •

CVSS: 5.0EPSS: 5%CPEs: 78EXPL: 0

OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service (segmentation fault) by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler. • http://openvpn.net/changelog.html http://secunia.com/advisories/17376 http://secunia.com/advisories/17447 http://secunia.com/advisories/17452 http://secunia.com/advisories/17480 http://www.debian.org/security/2005/dsa-885 http://www.gentoo.org/security/en/glsa/glsa-200511-07.xml http://www.novell.com/linux/security/advisories/2005_25_sr.html http://www.osvdb.org/20416 http://www.securityfocus.com/archive/1/415487 http://www.securityfocus.com/bid/15270 •