2381 matches found
Authentication flaw
OpenVPN Access Server older than version 2.8.4 and version 2.9.5 generates new user authentication tokens instead of reusing exiting tokens on reconnect making it possible to circumvent the initial token expiry timestamp...
CVE-2020-15074
CVE-2020-15074 affects OpenVPN Access Server versions older than 2.8.4 and 2.9.5, where reconnects generate new user authentication tokens instead of reusing existing tokens, bypassing the initial token expiry timestamp. The provided documents do not specify affected product versions beyond those...
CVE-2020-15074
OpenVPN Access Server older than version 2.8.4 and version 2.9.5 generates new user authentication tokens instead of reusing exiting tokens on reconnect making it possible to circumvent the initial token expiry timestamp...
DEBIAN-CVE-2020-15473
In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpisearchopenvpn in lib/protocols/openvpn.c...
CVE-2020-15473
In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpisearchopenvpn in lib/protocols/openvpn.c...
CVE-2020-15473
In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpisearchopenvpn in lib/protocols/openvpn.c...
Heap overflow
In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpisearchopenvpn in lib/protocols/openvpn.c...
CVE-2020-15473
In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpisearchopenvpn in lib/protocols/openvpn.c...
CVE-2020-15473
In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpisearchopenvpn in lib/protocols/openvpn.c...
UBUNTU-CVE-2020-15473
In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpisearchopenvpn in lib/protocols/openvpn.c...
CVE-2020-15473
CVE-2020-15473 affects nDPI
CVE-2020-15473
In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpisearchopenvpn in lib/protocols/openvpn.c...
CVE-2020-15473
In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpisearchopenvpn in lib/protocols/openvpn.c...
PT-2020-14440
Name of the Vulnerable Software and Affected Versions nDPI versions prior to 3.2 Description The OpenVPN dissector in nDPI is susceptible to a heap-based buffer over-read issue, specifically within the ndpi search openvpn function located in lib/protocols/openvpn.c. Recommendations For versions...
OpenVPN Access Server Detection Consolidation
Consolidation of OpenVPN Access Server detections. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OpenVPN Access Server Detection (HTTP)
HTTP based detection of OpenVPN Access Server. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for openvpn (FEDORA-2020-969414e05b)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OpenVPN Access Server Denial of Service Vulnerability
OpenVPN is a software package from the American company OpenVPN for creating encrypted tunnels for Virtual Private Networks VPNs, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using public keys, electronic certificates, or...
MGASA-2020-0195 Updated openvpn packages fix security vulnerability
Updated openvpn packages fix security vulnerability: An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 PDATAV2 packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters hav...
Updated openvpn packages fix security vulnerability
Updated openvpn packages fix security vulnerability: An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 PDATAV2 packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters hav...