Fedora Update for openvpn FEDORA-2013-7552

Check for the Version of openvpn OpenVAS Vulnerability Test Fedora Update for openvpn FEDORA-2013-7552 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for openvpn FEDORA-2013-7531

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for openvpn FEDORA-2013-7552

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 18 Update: openvpn-2.3.1-2.fc18

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...

[SECURITY] Fedora 17 Update: openvpn-2.3.1-2.fc17

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...

Fedora 18 : openvpn-2.3.1-2.fc18 (2013-7531)

Fix for SSL vulnerability. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenab...

Fedora 17 : openvpn-2.3.1-2.fc17 (2013-7552)

Fix for SSL vulnerability. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenab...

FreeBSD : OpenVPN -- potential side-channel/timing attack when comparing HMACs (92f30415-9935-11e2-ad4c-080027ef73ec)

The OpenVPN project reports : OpenVPN 2.3.0 and earlier running in UDP mode are subject to chosen ciphertext injection due to a non-constant-time HMAC comparison function. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fr...

OpenVPN -- potential side-channel/timing attack when comparing HMACs

The OpenVPN project reports: OpenVPN 2.3.0 and earlier running in UDP mode are subject to chosen ciphertext injection due to a non-constant-time HMAC comparison function...

Ubuntu 7.04 / 7.10 / 8.04 LTS : openssl vulnerability (USN-612-1)

A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledg...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the 1 createrule parameter to dnat.cgi, 2 addrule parameter to dansguardian.cgi, or 3 PATHINFO to openvpnusers.cgi...

CVE-2012-3486

Tunnelblick 3.3beta20 and earlier allows local users to gain privileges via an OpenVPN configuration file that specifies execution of a script upon occurrence of an OpenVPN event...

Design/Logic Flaw

Tunnelblick 3.3beta20 and earlier allows local users to gain privileges via an OpenVPN configuration file that specifies execution of a script upon occurrence of an OpenVPN event...

CVE-2012-3486

CVE-2012-3486 affects Tunnelblick (3.3beta20 and earlier). Local users can gain privileges through an OpenVPN config that triggers execution of a script on an OpenVPN event. Root cause is the configuration allowing script execution by event, enabling local privilege escalation. The provided docum...

CVE-2012-3486

Tunnelblick 3.3beta20 and earlier allows local users to gain privileges via an OpenVPN configuration file that specifies execution of a script upon occurrence of an OpenVPN event...

OS X Local Root Exploit for Viscosity OpenVPN Client

No description provided by source. !/bin/sh Viscatory zx2c4 After the hullabaloo from the Tunnelblick local root, savy Mac users began defending Viscosity, another OS X VPN client. They figured, since they spent money on Viscosity, surely it would be better designed than the free open-source...

Stable Channel Update for Chrome OS

Update 5 Sept 10 am PDT - 21 Stable wifi issues are resolved, we are rolling out a new update to 21.0.1183.89 Platform version: 2268.142.0 The Google Chrome team is happy to announce the arrival of Chrome 21 to the Stable Channel for Chrome OS. More detailed updates are available on the Google...

Windows Service Trusted Path Privilege Escalation

Exploit for windows platform in category local exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...

Windows Service Trusted Path Privilege Escalation

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'msf/core/post/common' require...

Microsoft Windows - Service Trusted Path Privilege Escalation (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'msf/core/post/common' require...