2382 matches found
The vulnerability of the OpenSSL library used in OpenVPN software allows a hacker to execute arbitrary code.
The vulnerability of the OpenSSL library used in OpenVPN software is related to errors in the path validation mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
MGASA-2021-0344 Updated webmin package fixes security vulnerability
The webmin package has been updated to version 1.979, which has fixes for handling un-trusted inputs in the Network Configuration module. Also, the openvpn module has been updated to version 3.2...
Updated webmin package fixes security vulnerability
The webmin package has been updated to version 1.979, which has fixes for handling un-trusted inputs in the Network Configuration module. Also, the openvpn module has been updated to version 3.2...
CVE-2021-3547
OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the verify-x509-name option in a client configuration...
CVE-2021-3547
OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the verify-x509-name option in a client configuration...
Design/Logic Flaw
OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the verify-x509-name option in a client configuration...
CVE-2021-3547
OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the verify-x509-name option in a client configuration...
CVE-2021-3547
OpenVPN 3 Core Library versions 3.6–3.6.1 are affected by a vulnerability that lets a man-in-the-middle bypass certificate authentication by issuing an unrelated server certificate that uses the same hostname as configured in verify-x509-name. This is a client-side trust management issue in certi...
CVE-2021-3547
OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the verify-x509-name option in a client configuration...
CVE-2021-3547
OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the verify-x509-name option in a client configuration...
Vulnerability fixed in OpenVPN
A vulnerability has been fixed in OpenVPN. The vulnerability allows a malicious party in a Man-in-the-Middle position to be able to bypass certificate-based authentication. To do so the malicious party must generate its own server certificate containing containing the hostname as it appears in th...
OpenVPN 信任管理问题漏洞
OpenVPN is a software package for creating virtual private network VPN encrypted tunnels from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information and allows the created VPN to be authenticated using a public key, an electronic certificate, or a...
PT-2021-20922 · Openvpn · Openvpn 3 Core Library
Name of the Vulnerable Software and Affected Versions: OpenVPN 3 Core Library versions 3.6 through 3.6.1 Description: The issue allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the...
The vulnerability of the software used to create the private virtual network astra-openvpn-server lies in errors in the authentication process, which allow a perpetrator to cause service interruptions.
The software vulnerability related to the creation of a private virtual network, astra-openvpn-server, is caused by an error in certificate rehydration. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
The vulnerability of the software used to create the private virtual network astra-openvpn-server, related to its configuration, allows a hacker to trigger a service failure.
The vulnerability of the software used to create the private virtual network astra-openvpn-server is related to incorrect configuration of IP addresses. Exploiting this vulnerability allows a malicious actor to cause service interruptions...
The vulnerability of the software for creating a private virtual network, astra-openvpn-server, relates to the bypass of authentication due to a fundamental error. This allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the software used to create the private virtual network astra-openvpn-serve is related to the improper creation of certificates, which are generated without authentication parameters. Exploiting this vulnerability allows a malicious actor to gain access to confidential data,...
The vulnerability of the software for creating a private virtual network, astra-openvpn-server, related to code errors, allows a intruder to trigger a service failure.
The vulnerability of the software used to create the private virtual network astra-openvpn-server is related to a code error that prevents the /etc/openvpn/keys/ directory from being created. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
Unspecified Vulnerability in OpenVPN Connect
Openvpn OpenVPN Connect is a VPN Virtual Private Network client application from the American company OpenVPN Openvpn. A security vulnerability exists in OpenVPNConnect 3.2.0 through 3.3.0 that allows a local user to load arbitrary dynamically loadable libraries if present via an OpenSSL...
OpenVPN suffers from an unspecified vulnerability (CNVD-2021-49155)
OpenVPN is a software package from the American company OpenVPN for creating encrypted tunnels for Virtual Private Networks VPNs, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using public keys, electronic certificates, or...
Advisory ROSA-SA-2021-1940
Software: openvpn 2.4.9 OS: Cobalt 7.9 CVE-ID: CVE-2020-11462 CVE-Crit: HIGH CVE-DESC: The issue was found in OpenVPN Access Server before 2.7.0 and 2.8.x before 2.8.3. When the full-featured RPC2 interface is enabled, a temporary management interface DoS state can be reached when sending an XML...