CVE-2024-5594
Ubuntu Security Notice USN-6860-1
Public Exploits: 0
Exploited in Wild: -
Descriptions
OpenVPN before 2.6.11 does not sanitize PUSH_REPLY messages properly, which attackers can use to inject unexpected arbitrary data into third-party executables or plug-ins.
OpenVPN before 2.6.11 does not properly sanitize PUSH_REPLY messages, which attackers can use to inject unexpected arbitrary data into third-party executables or plug-ins.
OpenVPN before 2.6.11 does not sanitize PUSH_REPLY messages properly, which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.
It was discovered that OpenVPN did not perform proper input validation when generating a TLS key under certain configurations, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
Reynir Bjoernsson discovered that OpenVPN incorrectly handled certain control channel messages with nonprintable characters. A remote attacker could possibly use this issue to cause OpenVPN to consume resources, or fill up log files with garbage, leading to a denial of service.
SSVC
- Decision: Attend
Timeline
- 2024-06-03 CVE Reserved
- 2024-07-03 CVE Published
- 2025-04-01 EPSS Updated
- 2025-04-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-1287: Improper Validation of Specified Type of Input
References (2)
| URL | Tag | Source |
|---|---|---|
| https://community.openvpn.net/openvpn/wiki/CVE-2024-5594 | | |
| https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07634.html | | |