2382 matches found
UBUNTU-CVE-2022-0547
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...
CVE-2022-0547
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...
Authentication flaw
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...
CVE-2022-0547
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...
CVE-2022-0547
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...
CVE-2022-0547
OpenVPN 2.1–2.4.12 and 2.5.6 are affected by CVE-2022-0547, which enables authentication bypass when multiple external authentication plug-ins use deferred authentication replies, potentially granting access with partially correct credentials. The root cause involves how deferred responses from m...
CVE-2022-0547
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...
CVE-2022-0547
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...
OpenVPN 授权问题漏洞
OpenVPN is a software package for creating encrypted tunnels for virtual private networks VPNs from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information and allows created VPNs to be authenticated using public keys, electronic certificates, or...
Vulnerability fixed in OpenVPN
A vulnerability has been fixed in OpenVPN. A malicious person who has a user's partial credentials can exploit the exploit the vulnerability to bypass authentication. Only systems that use multiple external authentication plug-ins are vulnerable. OpenVPN has released updates to fix the...
[SECURITY] Fedora 35 Update: openvpn-2.5.6-1.fc35
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...
FreeBSD : openvpn -- Potential authentication by-pass with multiple deferred authentication plug-ins (45a72180-a640-11ec-a08b-85298243e224)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 45a72180-a640-11ec-a08b-85298243e224 advisory. - OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication...
Fedora 35 : openvpn (2022-a9bd17092d)
The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-a9bd17092d advisory. This is a maintenance release of OpenVPN 2.5 with a security fix when used in server mode CVE-2022-0547. The other changes are available in Changes.rst. NOTE...
Multiple vulnerabilities in pfSense
Overview pfSense software provided by Netgate contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2021-20729 Improper access control CWE-284 - CVE-2022-26019 Improper input validation CWE-20 - CVE-2022-24299 Yutaka WATANABE of Ierae Security Inc. reported these...
Netgate pfSense CE 输入验证错误漏洞
Netgate pfSense CE is a free and open source FreeBSD-based firewall and router software. An input validation error vulnerability exists in Netgate pfSense CE, which could allow an attacker who has the power to change the settings of an OpenVPN client or server to execute arbitrary commands...
openvpn -- Potential authentication by-pass with multiple deferred authentication plug-ins
David Sommerseth reports: OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...
CVE-2021-3773
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks...
CVE-2021-3773
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks...
Design/Logic Flaw
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks...
CVE-2021-3773
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks...