2382 matches found
CVE-2020-15077
OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...
CVE-2020-15077
OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...
Authentication flaw
OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...
Authentication flaw
OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service...
CVE-2020-36382
OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigger an assert during the user authentication phase via incorrect authentication token data in an early phase of the user authentication resulting in a denial of service...
CVE-2020-36382
OpenVPN Access Server versions 2.7.3 through 2.8.7 are affected by CVE-2020-36382. The issue is a failure during the user authentication phase where incorrect authentication token data can trigger an assert, leading to a denial of service. This vulnerability is documented by SUSE security advisor...
CVE-2020-15077
OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...
CVE-2020-15077
OpenVPN Access Server CVE-2020-15077 affects OpenVPN Access Server 2.8.7 and earlier. The vulnerability allows remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, potentially enabling information leaks. The connected docume...
PT-2021-9735 · Openvpn · Openvpn Access Server
Name of the Vulnerable Software and Affected Versions: OpenVPN Access Server versions 2.8.7 and earlier Description: The issue allows remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication. This can potentially be used to trigg...
OpenVPN 代码问题漏洞
Openvpn OpenVPN is a software package for creating virtual private network VPN encrypted tunnels from the US-based OpenVPN Openvpn, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using a public key, an e-certificate, or a...
PT-2021-12032 · Openvpn · Openvpn Access Server
Name of the Vulnerable Software and Affected Versions: OpenVPN Access Server versions 2.7.3 through 2.8.7 Description: The issue allows remote attackers to trigger an assert during the user authentication phase. This occurs when incorrect authentication token data is provided in an early phase of...
OpenVPN 授权问题漏洞
Openvpn OpenVPN is a software package for creating virtual private network VPN encrypted channels from the US-based OpenVPN Openvpn, which uses the OpenSSL library to encrypt data and control information and allows the created VPN to be authenticated using a public key, an electronic certificate,...
OpenVPN has an unspecified vulnerability
Openvpn OpenVPN is a software package from the American company OpenVPN Openvpn for creating encrypted tunnels for Virtual Private Networks VPNs, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using a public key, an e-certificat...
OpenVPN: Authentication bypass
Background OpenVPN is a multi-platform, full-featured SSL VPN solution. Description It was discovered that OpenVPN incorrectly handled deferred authentication. Impact A remote attacker could bypass authentication and access control channel data and trigger further information leaks. Workaround...
OpenVPN 后置链接漏洞
Openvpn OpenVPN is a software package from the American company OpenVPN Openvpn for creating encrypted tunnels for Virtual Private Networks VPNs, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using a public key, an e-certificat...
openSUSE Security Update : openvpn (openSUSE-2021-734)
This update for openvpn fixes the following issues : - CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. - CVE-2020-11810: Fixed race condition between allocating peer-id and initializing data channel key bsc1169925. - CVE-2018-7544: Fixed cross-protocol scripti...
openSUSE: Security Advisory for openvpn (openSUSE-SU-2021:0734-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2021:0734-1 Security update for openvpn
This update for openvpn fixes the following issues: - CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. - CVE-2020-11810: Fixed race condition between allocating peer-id and initializing data channel key bsc1169925. - CVE-2018-7544: Fixed cross-protocol scriptin...
Security update for openvpn (moderate)
openSUSE Security Update: Security update for openvpn Announcement ID: openSUSE-SU-2021:0734-1 Rating: moderate References: 1085803 1169925 1185279 Cross-References: CVE-2018-7544 CVE-2020-11810 CVE-2020-15078 CVSS scores: CVE-2018-7544 NVD : 9.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H...
SUSE SLED15 / SLES15 Security Update : openvpn (SUSE-SU-2021:1577-1)
This update for openvpn fixes the following issues : CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. CVE-2020-11810: Fixed race condition between allocating peer-id and initializing data channel key bsc1169925. CVE-2018-7544: Fixed cross-protocol scripting iss...