OpenVPN client session setup detection

Binary data 3543.prm...

OpenVPN server detection

Binary data 3542.prm...

OpenVPN Detection (TCP)

TCP based detection of an OpenVPN server. Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribut...

OpenVPN Detection (UDP)

UDP based detection of an OpenVPN server. Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribut...

CVE-2013-2692

Cross-site request forgery CSRF vulnerability in the Admin web interface in OpenVPN Access Server before 1.8.5 allows remote attackers to hijack the authentication of administrators for requests that create administrative users...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Admin web interface in OpenVPN Access Server before 1.8.5 allows remote attackers to hijack the authentication of administrators for requests that create administrative users...

CVE-2013-2692

OpenVPN Access Server before 1.8.5 is affected by a CSRF vulnerability in the Admin web interface that can allow an attacker to hijack the authentication of administrators and perform actions to create new administrative users. The issue is described as a cross-site request forgery affecting the ...

CVE-2013-2692

Cross-site request forgery CSRF vulnerability in the Admin web interface in OpenVPN Access Server before 1.8.5 allows remote attackers to hijack the authentication of administrators for requests that create administrative users...

OpenVPN 2.3.x Heartbeat Information Disclosure (Heartbleed)

According to its self-reported version number, the version of OpenVPN installed on the remote host is affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat extensions that could allow an attacker to...

OpenVPN OpenSSL TLS心跳信息泄漏漏洞

CVE ID:CVE-2014-0160 OpenVPN是一款开源VPN实现。 OpenVPN所绑定的OpenSSL存在安全漏洞，OpenSSL处理TLS”心跳“扩展存在一个边界错误，允许攻击者利用漏洞获取64k大小的已链接客户端或服务器的内存内容。内存信息可包括私钥，用户名密码等。 0 OpenVPN 2.x OpenVPN 2.3.3-I002版本已修复该漏洞，建议用户下载使用： https://openvpn.net/...

ICS-CERT Warns of Heartbleed Vulnerabilities in Siemens Gear

A number of ICS products from Siemens and Innominate are vulnerable to the OpenSSL heartbleed flaw, some of which do not have updates available yet. The list of products affected by the heartbleed vulnerability continues to grow by the day, with OpenVPN being one of the latest. A researcher on...

Private Keys Stolen from OpenVPN Using Heartbleed

You can add OpenVPN to the growing list of products and services vulnerable to the Heartbleed OpenSSL vulnerability. Worse, researchers have been able to chain together exploits to steal private keys from traffic moving through the open source virtual private network software package. A Swedish V...

OpenVPN Client Installed

Binary data openvpninstalled.nbin...

OpenVPN Heartbeat Information Disclosure (Heartbleed)

Based on its response to a TLS request with a specially crafted heartbeat message RFC 6520, the remote OpenVPN service appears to be affected by an out-of-bounds read flaw. Because the remote OpenVPN service does not employ the 'HMAC Firewall' feature, this vulnerability can be exploited without...

CVE-2014-2264

The OpenVPN module in Synology DiskStation Manager DSM 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote attackers to obtain access via a VPN session...

Hardcoded credentials

The OpenVPN module in Synology DiskStation Manager DSM 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote attackers to obtain access via a VPN session...

CVE-2014-2264

The CVE-2014-2264 entry concerns the OpenVPN module in Synology DiskStation Manager (DSM) 4.3-3810 update 1, where a hardcoded root password (synopass) enables remote access via a VPN session. Multiple connected sources (Red Hat, Tenable plugin, CVE objects) corroborate the presence of this hardc...

CVE-2014-2264

The OpenVPN module in Synology DiskStation Manager DSM 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote attackers to obtain access via a VPN session...

PT-2014-4593 · Synology +1 · Synology Diskstation Manager +1

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM version 4.3-3810 update 1 Description: The issue concerns a hardcoded root password in the OpenVPN module, specifically set to synopass, which can be exploited by remote attackers to gain access via a VPN...

Google Android Active VPN远程安全限制绕过漏洞

BUGTRAQ ID: 65229 Google Android Active VPN是基于开源OpenVPN项目的开源客户端。 Google Android Active VPN在实现上存在远程安全限制绕过漏洞，攻击者可利用此漏洞绕过某些安全限制并获取未授权访问权限。 0 Google Google Android Active VPN 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： https://play.google.com/store/apps/details?id=de.blinkt.openvpn...