// For flags

CVE-2008-3459

 

Severity Score

7.6
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted (1) lladdr and (2) iproute configuration directives, probably related to shell metacharacters.

Una vulnerabilidad no especificada en OpenVPN versiones 2.1-beta14 hasta 2.1-rc8, cuando se ejecuta en sistemas que no son Windows, permite a los servidores remotos ejecutar comandos arbitrarios por medio de la configuraciĆ³n de directivas diseƱadas (1) lladdr y (2) iproute, probablemente relacionadas con los metacaracteres de shell.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-08-04 CVE Reserved
  • 2008-08-04 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-16: Configuration
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Openvpn
Search vendor "Openvpn"
Openvpn
Search vendor "Openvpn" for product "Openvpn"
2.1
Search vendor "Openvpn" for product "Openvpn" and version "2.1"
beta-14
Affected
Openvpn
Search vendor "Openvpn"
Openvpn
Search vendor "Openvpn" for product "Openvpn"
2.1
Search vendor "Openvpn" for product "Openvpn" and version "2.1"
beta-15
Affected
Openvpn
Search vendor "Openvpn"
Openvpn
Search vendor "Openvpn" for product "Openvpn"
2.1
Search vendor "Openvpn" for product "Openvpn" and version "2.1"
beta-16
Affected
Openvpn
Search vendor "Openvpn"
Openvpn
Search vendor "Openvpn" for product "Openvpn"
2.1
Search vendor "Openvpn" for product "Openvpn" and version "2.1"
rc_1
Affected
Openvpn
Search vendor "Openvpn"
Openvpn
Search vendor "Openvpn" for product "Openvpn"
2.1
Search vendor "Openvpn" for product "Openvpn" and version "2.1"
rc_2
Affected
Openvpn
Search vendor "Openvpn"
Openvpn
Search vendor "Openvpn" for product "Openvpn"
2.1
Search vendor "Openvpn" for product "Openvpn" and version "2.1"
rc_3
Affected
Openvpn
Search vendor "Openvpn"
Openvpn
Search vendor "Openvpn" for product "Openvpn"
2.1
Search vendor "Openvpn" for product "Openvpn" and version "2.1"
rc_4
Affected
Openvpn
Search vendor "Openvpn"
Openvpn
Search vendor "Openvpn" for product "Openvpn"
2.1
Search vendor "Openvpn" for product "Openvpn" and version "2.1"
rc_5
Affected
Openvpn
Search vendor "Openvpn"
Openvpn
Search vendor "Openvpn" for product "Openvpn"
2.1
Search vendor "Openvpn" for product "Openvpn" and version "2.1"
rc_6
Affected
Openvpn
Search vendor "Openvpn"
Openvpn
Search vendor "Openvpn" for product "Openvpn"
2.1
Search vendor "Openvpn" for product "Openvpn" and version "2.1"
rc_7
Affected
Openvpn
Search vendor "Openvpn"
Openvpn
Search vendor "Openvpn" for product "Openvpn"
2.1
Search vendor "Openvpn" for product "Openvpn" and version "2.1"
rc_8
Affected