CVSS: 6.5EPSS: 1%CPEs: 8EXPL: 0CVE-2017-7479 – Debian Security Advisory 3900-1
https://notcve.org/view.php?id=CVE-2017-7479
11 May 2017 — OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker. OpenVPN versiones anteriores a 2.3.15 y anteriores a 2.4.2, son vulnerables a una aserción alcanzable cuando el contador del identificador de paquete se devuelve como resultado de una denegación de servicio del servidor por parte de un atacante autenticado. Karthikeyan Bhargavan and Gaetan Leurent discovered that 64-bit ... • http://www.debian.org/security/2017/dsa-3900 • CWE-617: Reachable Assertion •
CVSS: 5.9EPSS: 8%CPEs: 1EXPL: 0CVE-2016-6329 – Micro Focus Security Bulletin MFSBGN03794 2
https://notcve.org/view.php?id=CVE-2016-6329
01 Nov 2016 — OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack. OpenVPN, cuando utiliza un cifrado de bloques de 64 bits, facilita a atacantes remotos obtener datos de texto plano a través de un ataque birthday contra una sesión encriptada de larga duración, como lo demuestra una sesión HTTP-over-OpenVPN ... • http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-310: Cryptographic Issues •
CVSS: 6.8EPSS: 1%CPEs: 142EXPL: 0CVE-2014-8104 – Mandriva Linux Security Advisory 2014-246
https://notcve.org/view.php?id=CVE-2014-8104
02 Dec 2014 — OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet. OpenVPN 2.x anterior a 2.0.11, 2.1.x, 2.2.x anterior a 2.2.3, y 2.3.x anterior a 2.3.6 permite a usuarios remotos autenticados causar una denegación de servicio (caída del servidor) a través de un paquete de canal de control pequeño. Dragana Damjanovic discovered that OpenVPN incorrectly handled certain control channel ... • http://advisories.mageia.org/MGASA-2014-0512.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 3CVE-2014-9104
https://notcve.org/view.php?id=CVE-2014-9104
26 Nov 2014 — Multiple cross-site request forgery (CSRF) vulnerabilities in the XML-RPC API in the Desktop Client in OpenVPN Access Server 1.5.6 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) disconnecting established VPN sessions, (2) connect to arbitrary VPN servers, or (3) create VPN profiles and execute arbitrary commands via crafted API requests. Múltiples vulnerabilidades de CSRF en la API XML-RPC en Desktop Client en OpenVPN Access Server 1.5.6 y anteriores ... • http://openvpn.net/index.php/access-server/security-advisories.html • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 4CVE-2014-5455 – OpenVPN Private Tunnel Core Service - Unquoted Service Path Privilege Escalation
https://notcve.org/view.php?id=CVE-2014-5455
25 Aug 2014 — Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder. Vulnerabilidad de la ruta de búsqueda de Windows sin entrecomillar en el servicio ptservice anterior a la versión 3.0 de PrivateTunnel (Windows) y a la versión 3.1 de OpenVPN Connect (Windows) permite a los usuarios locales obtener privilegios a través de un ... • https://www.exploit-db.com/exploits/34037 • CWE-428: Unquoted Search Path or Element •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2013-2692
https://notcve.org/view.php?id=CVE-2013-2692
13 May 2014 — Cross-site request forgery (CSRF) vulnerability in the Admin web interface in OpenVPN Access Server before 1.8.5 allows remote attackers to hijack the authentication of administrators for requests that create administrative users. Vulnerabilidad de CSRF en la interfaz Admin web en OpenVPN Access Server anterior a 1.8.5 permite a atacantes remotos secuestrar la autenticación de administradores para solicitudes que crean usuarios administrativos. • http://openvpn.net/index.php/access-server/download-openvpn-as-sw/531-release-notes-v185.html • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.9EPSS: 1%CPEs: 16EXPL: 1CVE-2013-2061 – Mandriva Linux Security Advisory 2013-167
https://notcve.org/view.php?id=CVE-2013-2061
28 May 2013 — The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher. La función openvpn_decrypt en el archivo crypto.c en OpenVPN versiones 2.3.0 y anteriores, cuando se ejecuta en modo UDP, permite a los atacantes remotos obtener información confidencial por medio de un ataque de s... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105568.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 1%CPEs: 11EXPL: 0CVE-2008-3459
https://notcve.org/view.php?id=CVE-2008-3459
04 Aug 2008 — Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted (1) lladdr and (2) iproute configuration directives, probably related to shell metacharacters. Una vulnerabilidad no especificada en OpenVPN versiones 2.1-beta14 hasta 2.1-rc8, cuando se ejecuta en sistemas que no son Windows, permite a los servidores remotos ejecutar comandos arbitrarios por medio de la configuración de directivas diseñadas (1... • http://openvpn.net/index.php/documentation/change-log/changelog-21.html • CWE-16: Configuration •
CVSS: 9.1EPSS: 0%CPEs: 85EXPL: 0CVE-2006-2229
https://notcve.org/view.php?id=CVE-2006-2229
05 May 2006 — OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service. • http://openvpn.net/man.html •
CVSS: 9.8EPSS: 4%CPEs: 6EXPL: 0CVE-2006-1629
https://notcve.org/view.php?id=CVE-2006-1629
06 Apr 2006 — OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable. • http://openvpn.net/changelog.html •