Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-3339-1
HistoryJun 22, 2017 - 12:00 a.m.

OpenVPN vulnerabilities

2017-06-2200:00:00
ubuntu.com
63

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.9 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.017 Low

EPSS

Percentile

87.7%

JSON

Releases

  • Ubuntu 17.04
  • Ubuntu 16.10
  • Ubuntu 16.04 ESM
  • Ubuntu 14.04 ESM

Packages

  • openvpn - virtual private network software

Details

Karthikeyan Bhargavan and Gaëtan Leurent discovered that 64-bit block
ciphers are vulnerable to a birthday attack. A remote attacker could
possibly use this issue to recover cleartext data. Fixing this issue
requires a configuration change to switch to a different cipher. This
update adds a warning to the log file when a 64-bit block cipher is in use.
This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and
Ubuntu 16.10. (CVE-2016-6329)

It was discovered that OpenVPN incorrectly handled rollover of packet ids.
An authenticated remote attacker could use this issue to cause OpenVPN to
crash, resulting in a denial of service. This issue only affected Ubuntu
14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2017-7479)

Guido Vranken discovered that OpenVPN incorrectly handled certain malformed
IPv6 packets. A remote attacker could use this issue to cause OpenVPN to
crash, resulting in a denial of service. (CVE-2017-7508)

Guido Vranken discovered that OpenVPN incorrectly handled an HTTP proxy
with NTLM authentication. A remote attacker could use this issue to cause
OpenVPN clients to crash, resulting in a denial of service, or possibly
expose sensitive memory contents. (CVE-2017-7520)

Guido Vranken discovered that OpenVPN incorrectly handled certain x509
extensions. A remote attacker could use this issue to cause OpenVPN to
crash, resulting in a denial of service. (CVE-2017-7521)

OSVersionArchitecturePackageVersionFilename
Ubuntu17.04noarchopenvpn< 2.4.0-4ubuntu1.3UNKNOWN
Ubuntu17.04noarchopenvpn-dbgsym< 2.4.0-4ubuntu1.3UNKNOWN
Ubuntu16.10noarchopenvpn< 2.3.11-1ubuntu2.1UNKNOWN
Ubuntu16.10noarchopenvpn-dbgsym< 2.3.11-1ubuntu2.1UNKNOWN
Ubuntu16.04noarchopenvpn< 2.3.10-1ubuntu2.1UNKNOWN
Ubuntu16.04noarchopenvpn-dbgsym< 2.3.10-1ubuntu2.1UNKNOWN
Ubuntu14.04noarchopenvpn< 2.3.2-7ubuntu3.2UNKNOWN
Ubuntu14.04noarchopenvpn-dbgsym< 2.3.2-7ubuntu3.2UNKNOWN

Related

openvas 27
nessus 31
debian 6
fedora 9
suse 6
osv 8
f5 4
mageia 3
redhatcve 4
amazon 2
archlinux 2
hackerone 1
altlinux 2
thn 1
slackware 1
freebsd 2
prion 6
veracode 2
cve 6
alpinelinux 1
ubuntucve 6
debiancve 5
ubuntu 2
gentoo 1
threatpost 2
ibm 6
symantec 1
fortinet 1
ics 1
kitploit 1
openvas
openvas
Ubuntu: Security Advisory (USN-3339-1)
2017-06-23 00:00:00
Debian Security Advisory DSA 3900-1 (openvpn - security update)
2017-06-27 00:00:00
Debian: Security Advisory (DSA-3900-1)
2017-06-26 00:00:00
nessus
nessus
Debian DSA-3900-1 : openvpn - security update
2017-06-28 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : OpenVPN vulnerabilities (USN-3339-1)
2017-06-23 00:00:00
openSUSE Security Update : openvpn (openSUSE-2017-730)
2017-06-30 00:00:00
debian
debian
[SECURITY] [DSA 3900-1] openvpn security update
2017-06-27 19:51:56
[SECURITY] [DSA 3900-1] openvpn security update
2017-06-27 19:51:56
[BSA-116] Security Update for openvpn
2017-07-05 07:52:52
fedora
fedora
[SECURITY] Fedora 25 Update: openvpn-2.4.3-1.fc25
2017-06-23 20:54:35
[SECURITY] Fedora 26 Update: openvpn-2.4.3-1.fc26
2017-06-24 03:09:57
[SECURITY] Fedora 24 Update: openvpn-2.3.17-1.fc24
2017-06-30 20:51:03
suse
suse
Security update for openvpn (important)
2017-06-26 15:16:30
Security update for openvpn-openssl1 (important)
2017-06-29 18:12:39
Security update for openvpn (important)
2017-06-21 18:11:05
osv
osv
openvpn - security update
2017-06-27 00:00:00
CVE-2017-7508
2017-06-27 13:29:00
CVE-2017-7479
2017-05-15 18:29:00
f5
f5
K63104801 : OpenVPN vulnerabilities CVE-2017-7508, CVE-2017-7520, CVE-2017-7521, and CVE-2017-7522
2017-08-03 00:00:00
SOL30315990 - OpenVPN vulnerability CVE-2016-6329
2016-09-12 00:00:00
K30315990 : OpenVPN vulnerability CVE-2016-6329
2016-09-12 00:00:00
mageia
mageia
Updated openvpn packages fix security vulnerabilities
2017-07-28 21:12:15
Updated openvpn packages fix security vulnerability
2016-09-16 12:27:13
Updated openvpn packages fix security vulnerability
2017-06-02 00:25:58
redhatcve
redhatcve
CVE-2017-7508
2017-06-23 07:23:28
CVE-2017-7520
2017-06-23 07:23:15
CVE-2017-7521
2017-06-23 07:23:00
amazon
amazon
Important: openvpn
2017-06-27 17:47:00
Medium: openvpn
2016-09-27 10:30:00
archlinux
archlinux
[ASA-201706-27] openvpn: multiple issues
2017-06-22 00:00:00
[ASA-201705-16] openvpn: denial of service
2017-05-13 00:00:00
hackerone
hackerone
Internet Bug Bounty: 4 severe remote + several minor OpenVPN vulnerabilities
2017-06-23 10:58:19
altlinux
altlinux
Security fix for the ALT Linux 9 package openvpn version June
2017-06-21 00:00:00
Security fix for the ALT Linux 9 package openvpn version 2.4.2-alt1
2017-05-14 00:00:00
thn
thn
Critical RCE Flaw Found in OpenVPN that Escaped Two Recent Security Audits
2017-06-21 21:08:00
slackware
slackware
[slackware-security] openvpn
2017-06-21 18:40:28
freebsd
freebsd
OpenVPN -- several vulnerabilities
2017-05-19 00:00:00
OpenVPN -- two remote denial-of-service vulnerabilities
2017-05-10 00:00:00
prion
prion
Denial of service
2017-06-27 13:29:00
Authentication flaw
2017-05-15 18:29:00
Double free
2017-06-27 13:29:00
veracode
veracode
Denial Of Service (DoS)
2020-09-21 06:29:14
Sweet32 Attack
2020-09-21 06:32:55
cve
cve
CVE-2017-7508
2017-06-27 13:29:00
CVE-2017-7479
2017-05-15 18:29:00
CVE-2016-6329
2017-01-31 22:59:00
alpinelinux
alpinelinux
CVE-2017-7479
2017-05-15 18:29:00
ubuntucve
ubuntucve
CVE-2017-7508
2017-06-21 00:00:00
CVE-2017-7521
2017-06-21 00:00:00
CVE-2017-7479
2017-05-11 00:00:00
debiancve
debiancve
CVE-2017-7508
2017-06-27 13:29:00
CVE-2017-7479
2017-05-15 18:29:00
CVE-2016-6329
2017-01-31 22:59:00
ubuntu
ubuntu
OpenVPN vulnerability
2017-08-07 00:00:00
OpenVPN vulnerabilities
2017-05-11 00:00:00
gentoo
gentoo
OpenVPN: Multiple vulnerabilities
2016-11-01 00:00:00
threatpost
threatpost
OpenVPN Patches Critical Remote Code Execution Vulnerability
2017-06-21 11:14:36
OpenVPN Audits Yield Mixed Bag
2017-05-15 17:12:09
ibm
ibm
Security Bulletin: IBM i is affected by several vulnerabilities (CVE-2016-2183 and CVE-2016-6329)
2019-12-18 14:26:38
Security Bulletin: IBM b-type Network/Storage switches are affected by Sweet32: Birthday attacks on 64-bit block ciphers in TLS and OpenVPN (openssl ,redhat,openVPN) vulnerabilities.
2018-10-01 21:25:01
Security Bulletin: IBM Cisco Switches and Directors vulnerable to Sweet32 Birthday attacks (CVE-2016-2183 CVE-2016-6329).
2022-04-11 15:07:09
symantec
symantec
SA133 : Sweet32 Birthday Attack against DES, 3DES, and Blowfish
2016-12-22 08:00:00
fortinet
fortinet
Protect
2019-02-07 00:00:00
ics
ics
Siemens SIMATIC RF6XXR
2019-07-11 12:00:00
kitploit
kitploit
CATSploit - An Automated Penetration Testing Tool Using Cyber Attack Techniques Scoring
2024-01-08 11:30:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.9 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.017 Low

EPSS

Percentile

87.7%

JSON
Related for USN-3339-1
openvas27nessus31debian6fedora9suse6osv8f54mageia3redhatcve4amazon2archlinux2hackerone1altlinux2thn1slackware1freebsd2prion6veracode2cve6alpinelinux1ubuntucve6debiancve5ubuntu2gentoo1threatpost2ibm6symantec1fortinet1ics1kitploit1