CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2018-9336 – Slackware Security Advisory - openvpn Updates
https://notcve.org/view.php?id=CVE-2018-9336
27 Apr 2018 — openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation. openvpnserv.exe (también conocido como interactive service helper) en OpenVPN en versiones 2.4.x anteriores a la 2.4.6 permite que un atacante local provoque una doble liberaci... • http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.568761 • CWE-415: Double Free •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-7544
https://notcve.org/view.php?id=CVE-2018-7544
16 Mar 2018 — A cross-protocol scripting issue was discovered in the management interface in OpenVPN through 2.4.5. When this interface is enabled over TCP without a password, and when no other clients are connected to this interface, attackers can execute arbitrary management commands, obtain sensitive information, or cause a denial of service (SIGTERM) by triggering XMLHttpRequest actions in a web browser. This is demonstrated by a multipart/form-data POST to http://localhost:23000 with a "signal SIGTERM" command in a ... • http://blog.0xlabs.com/2018/03/openvpn-remote-information-disclosure.html • CWE-134: Use of Externally-Controlled Format String •
CVSS: 9.8EPSS: 1%CPEs: 3EXPL: 0CVE-2017-12166 – Ubuntu Security Notice USN-7340-1
https://notcve.org/view.php?id=CVE-2017-12166
03 Oct 2017 — OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. OpenVPN en versiones anteriores a la 2.3.3 y en versiones 2.4.x anteriores a la 2.4.4 es vulnerable a undesbordamiento de búfer cuando se utiliza key-method 1, lo que puede provocar la ejecución de código. It was discovered that OpenVPN did not perform proper input validation when generating a TLS key under certain configuration, which could ... • http://www.securityfocus.com/bid/101153 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0CVE-2017-7508 – Debian Security Advisory 3900-1
https://notcve.org/view.php?id=CVE-2017-7508
22 Jun 2017 — OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet. Las versiones anteriores a 2.4.3 y anterior a 2.3.17 de OpenVPN, son vulnerables a la denegación de servicio remota cuando se reciben paquetes IPv6 malformados. Karthikeyan Bhargavan and Gaetan Leurent discovered that 64-bit block ciphers are vulnerable to a birthday attack. A remote attacker could possibly use this issue to recover cleartext data. Fixing this issue requires a con... • http://www.debian.org/security/2017/dsa-3900 • CWE-617: Reachable Assertion •
CVSS: 7.4EPSS: 0%CPEs: 9EXPL: 0CVE-2017-7520 – Debian Security Advisory 3900-1
https://notcve.org/view.php?id=CVE-2017-7520
22 Jun 2017 — OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker. Las versiones anteriores a 2.4.3 y anterior a 2.3.17 de OpenVPN, son vulnerables a la denegación de servicio y/o posiblemente a la pérdida de memoria confidencial activada por un atacante de tipo man-in-the-middle. Karthikeyan Bhargavan and Gaetan Leurent discovered that 64-bit block ciphers are vulnerable to a birthday attack. A remote attacker c... • http://www.debian.org/security/2017/dsa-3900 • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 9EXPL: 0CVE-2017-7521 – Debian Security Advisory 3900-1
https://notcve.org/view.php?id=CVE-2017-7521
22 Jun 2017 — OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension(). Las versiones de OpenVPN anteriores a 2.4.3 y 2.3.17, son vulnerables a una denegación de servicio remota debido a un agotamiento de memoria causado por pérdida de memoria y un problema de doble liberación (Double Free) en la función extract_x509_extension(). Karthikeyan Bhargavan and Gaetan Leurent discovered that 64-bi... • http://www.debian.org/security/2017/dsa-3900 • CWE-400: Uncontrolled Resource Consumption CWE-415: Double Free CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2017-7522 – Slackware Security Advisory - openvpn Updates
https://notcve.org/view.php?id=CVE-2017-7522
22 Jun 2017 — OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character. Las versiones de OpenVPN anteriores a 2.4.3 y 2.3.17, son vulnerables a una denegación de servicio por parte de un atacante remoto autenticado mediante el envío de un certificado con un carácter NULL insertado. New openvpn packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. • http://www.securityfocus.com/bid/99230 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 6.1EPSS: 5%CPEs: 1EXPL: 3CVE-2017-5868 – OpenVPN Access Server 2.1.4 CRLF Injection
https://notcve.org/view.php?id=CVE-2017-5868
25 May 2017 — CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote attackers to inject arbitrary HTTP headers and consequently conduct session fixation attacks and possibly HTTP response splitting attacks via "%0A" characters in the PATH_INFO to __session_start__/. Una vulnerabilidad de inyección CRLF en la interfaz web en OpenVPN Access Server versión 2.1.4, permite a los atacantes remotos inyectar encabezados HTTP arbitrarios y, en consecuencia, conducir ataques de fijación de ... • https://packetstorm.news/files/id/142696 • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') •
CVSS: 7.5EPSS: 3%CPEs: 10EXPL: 2CVE-2017-7478 – OpenVPN 2.4.0 - Denial of Service
https://notcve.org/view.php?id=CVE-2017-7478
11 May 2017 — OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2. OpenVPN versión 2.3.12 y más recientes, son vulnerables a la Denegación de Servicio no autenticada del servidor por medio de un paquete de control grande recibido. Tenga en cuenta que este problema se corrige en versiones 2.3.15 y 2.4.2. It was discovered that OpenVPN improperly triggered an assert when receiving an oversized cont... • https://packetstorm.news/files/id/142489 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 1%CPEs: 8EXPL: 0CVE-2017-7479 – Debian Security Advisory 3900-1
https://notcve.org/view.php?id=CVE-2017-7479
11 May 2017 — OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker. OpenVPN versiones anteriores a 2.3.15 y anteriores a 2.4.2, son vulnerables a una aserción alcanzable cuando el contador del identificador de paquete se devuelve como resultado de una denegación de servicio del servidor por parte de un atacante autenticado. Karthikeyan Bhargavan and Gaetan Leurent discovered that 64-bit ... • http://www.debian.org/security/2017/dsa-3900 • CWE-617: Reachable Assertion •