Lucene search

[email protected]NVD:CVE-2005-3393

HistoryNov 01, 2005 - 12:47 p.m.

CVE-2005-3393

2005-11-0112:47:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.024 Low

EPSS

Percentile

90.1%

JSON

Format string vulnerability in the foreign_option function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option.

Affected configurations

NVD

Node

openvpnopenvpnMatch2.0

openvpnopenvpnMatch2.0_beta11

openvpnopenvpn_access_serverMatch2.0.1

openvpnopenvpn_access_serverMatch2.0.2

References

marc.info/?l=bugtraq&m=113081023121059&w=2

openvpn.net/changelog.html

secunia.com/advisories/17376

secunia.com/advisories/17447

secunia.com/advisories/17452

secunia.com/advisories/17480

www.debian.org/security/2005/dsa-885

www.gentoo.org/security/en/glsa/glsa-200511-07.xml

www.novell.com/linux/security/advisories/2005_25_sr.html

www.securityfocus.com/archive/1/415487

www.securityfocus.com/bid/15239

www.vupen.com/english/advisories/2005/2255

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.024 Low

EPSS

Percentile

90.1%

JSON

Related for NVD:CVE-2005-3393

cve1 freebsd1 openvas6 debiancve1 cvelist1 ubuntucve1 nessus5 debian2 osv1 gentoo1 altlinux1