CVE-2019-6628

On BIG-IP PEM 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, under certain conditions, the TMM process may terminate and restart while processing BIG-IP PEM traffic with the OpenVPN classifier...

CVE-2019-6628

On BIG-IP PEM 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, under certain conditions, the TMM process may terminate and restart while processing BIG-IP PEM traffic with the OpenVPN classifier...

Design/Logic Flaw

On BIG-IP PEM 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, under certain conditions, the TMM process may terminate and restart while processing BIG-IP PEM traffic with the OpenVPN classifier...

CVE-2019-6628

CVE-2019-6628 affects BIG-IP PEM when using the OpenVPN classifier. The TMM process may terminate and restart under certain conditions. Affected: BIG-IP PEM 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4. Fixes: 14.1.0.6 and 14.0.0.5. Mitigation (from advisory): disable the OpenVPN classifier or apply the r...

CVE-2019-6628

On BIG-IP PEM 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, under certain conditions, the TMM process may terminate and restart while processing BIG-IP PEM traffic with the OpenVPN classifier...

OpenVPN Client 2.0.x < 2.0.6 Remote Code Execution Vulnerability

According to its self-reported version number, the version of OpenVPN client installed on the remote Windows host is 2.0.x prior to 2.0.6. It is, therefore, affected by a remote command execution vulnerability. An unauthenticated remote attacker can exploit this by deploying a malicious OpenVPN...

OpenVPN Server Installed

OpenVPN Server, an open source virtual private network VPN application for Windows, is installed on the remote Windows host. Binary data openvpnserverinstalled.nbin...

OpenVPN 2.3.x < 2.3.17 & 2.4.x < 2.4.3 Multiple Denial of Service Vulnerabilites (Windows)

According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is 2.3.x prior to 2.3.17 or 2.4.x prior to 2.4.3. It is, therefore, affected by multiple denial of service DoS vulnerabilities due to invalid input validation. An unauthenticated, remote...

OpenVPN 2.4.x < 2.4.6 Denial of Service Vulnerability (Windows)

According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is affected by a denial of service DoS vulnerability in its interactive service helper component due to an invalid level of validation for incoming requests. An unauthenticated, local attack...

OpenVPN 2.3.12 < 2.3.15 / 2.4.x < 2.4.2 Denial of Service Vulnerability (Windows)

According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is 2.3.12 prior to 2.3.15 or 2.4.x prior to 2.4.2. It is, therefore, affected by a denial of service DoS vulnerability due to invalid packet processing logic. An unauthenticated, remote...

OpenVPN < 2.3.15 / 2.4.x < 2.4.2 Denial of Service Vulnerability (Windows)

According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is prior to 2.3.15 or 2.4.x prior to 2.4.2. It is, therefore, affected by a denial of service vulnerability due to the unchecked rolling over of its packet-ID counter. An unauthenticated,...

OpenVPN < 2.3.1 Information Disclosure Vulnerability (Windows)

According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is prior to 2.3.1. It is, therefore, affected by an information disclosure vulnerability in the crypto.c component due to its HMAC comparison function not running in constant time. An...

OpenVPN < 2.0.1 Multiple Vulnerabilities (Windows)

According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is prior to 2.0.1. It is, therefore, affected by multiple vulnerabilities: - A denial of service DoS vulnerability exists in OpenVPN due to its OpenSSL error queue not being flushed properly...

OpenVPN < 2.3.15 Weak Cryptographic Cipher Vulnerability (Windows)

According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is prior to 2.3.15. It is, therefore, affected by a weak cryptographic cipher vulnerability. OpenVPN's default cipher, BF-CBC, is vulnerable to plaintext recovery when enough cipher text has...

openSUSE Security Update : openvpn (openSUSE-2019-507)

This update for openvpn fixes the following issues : - CVE-2018-9336: Fix potential double-free in Interactive Service could lead to denial of service bsc1090839. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

The vulnerability of the command-line tool astra-openvpn-server for configuring OpenVPN servers on the Astra Linux operating system stems from a configuration parameter interpretation error in the client software. This flaw allows an attacker to cause a service failure.

The vulnerability of the command-line tool astra-openvpn-server for configuring OpenVPN servers on the Astra Linux operating system is related to an interpretation error in the configuration parameters set for clients. Exploiting this vulnerability allows a malicious actor to cause service failur...

Get a Lifetime Subscription to Unlimited VPN for just $59.99 (5 Devices)

For all of the undeniable conveniences the Internet has brought us, it's becoming an increasingly dangerous place to be. Both individual hackers and entire government agencies are now able to hack into your computer or smartphone from across the globe and steal everything from your browsing histo...

Get a Lifetime Subscription to Unlimited VPN for just $59.99 (5 Devices)

For all of the undeniable conveniences the Internet has brought us, it's becoming an increasingly dangerous place to be. Both individual hackers and entire government agencies are now able to hack into your computer or smartphone from across the globe and steal everything from your browsing histo...

SUSE SLED15 / SLES15 Security Update : openvpn (SUSE-SU-2018:1888-1)

This update for openvpn fixes the following issues : - CVE-2018-9336: Fix potential double-free in Interactive Service could lead to denial of service bsc1090839. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

Safeguard Your Data And Privacy Online With This Award-Winning VPN

It seems as though not a day goes by without a new story breaking about a high-level cyber attack on a major corporation or national government. Hackers are becoming increasingly adept at breaking through a variety of super-secure firewalls, and they're not just after the riches of Fortune 500...