2376 matches found
OpenVPN Client Remote Code Execution Vulnerability
The host is running OpenVPN Client, which is prone to remote code execution vulnerability. OpenVAS Vulnerability Test $Id: secpodopenvpnclientcodeexecvuln900024.nasl 7823 2017-11-20 08:54:04Z cfischer $ Description: OpenVPN Client Remote Code Execution Vulnerability Authors: Chandan S Copyright:...
OpenVPN Client RCE Vulnerability
OpenVPN Client is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : openvpn-devel -- arbitrary code execution (c61ca9cb-64c3-11dd-954d-006097bcc5f4)
James Yonan reports : Security Fix - affects non-Windows OpenVPN clients running OpenVPN 2.1-beta14 through 2.1-rc8 OpenVPN 2.0.x clients are NOT vulnerable nor are any versions of the OpenVPN server vulnerable. An OpenVPN client connecting to a malicious or compromised server could potentially...
OpenVPN客户端lladdr和iproute配置指令远程代码执行漏洞
BUGTRAQ ID: 30532 OpenVPN是一个基于OpenSSL库的应用层VPN实现。 OpenVPN在处理畸形用户请求时存在漏洞,如果连接到恶意服务器的OpenVPN客户端接收到了lladdr或iproute配置命令的话,就会导致在客户端上执行任意指令。只有当客户端运行在非Windows平台上且配置文件中允许服务器发送配置指令才受这个漏洞影响。 OpenVPN 2.1 OpenVPN ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://openvpn.net/release/openvpn-2.1rc9.tar.gz...
Design/Logic Flaw
Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted 1 lladdr and 2 iproute configuration directives, probably related to shell metacharacters...
CVE-2008-3459
Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted 1 lladdr and 2 iproute configuration directives, probably related to shell metacharacters...
CVE-2008-3459
Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted 1 lladdr and 2 iproute configuration directives, probably related to shell metacharacters...
DEBIAN-CVE-2008-3459
Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted 1 lladdr and 2 iproute configuration directives, probably related to shell metacharacters...
CVE-2008-3459
Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted 1 lladdr and 2 iproute configuration directives, probably related to shell metacharacters...
CVE-2008-3459
Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted 1 lladdr and 2 iproute configuration directives, probably related to shell metacharacters...
CVE-2008-3459
CVE-2008-3459 affects OpenVPN 2.1-beta14 through 2.1-rc8 on non‑Windows hosts. A remote server can cause the client to run arbitrary commands by pushing crafted (lladdr) and (iproute) configuration directives, probably via shell metacharacters. Exploitation context requires the client to accept s...
CVE-2008-3459
Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted 1 lladdr and 2 iproute configuration directives, probably related to shell metacharacters...
openvpn-devel -- arbitrary code execution
James Yonan reports: Security Fix - affects non-Windows OpenVPN clients running OpenVPN 2.1-beta14 through 2.1-rc8 OpenVPN 2.0.x clients are NOT vulnerable nor are any versions of the OpenVPN server vulnerable. An OpenVPN client connecting to a malicious or compromised server could potentially...
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : openssl-blacklist update (USN-612-11)
USN-612-3 addressed a weakness in OpenSSL certificate and key generation and introduced openssl-blacklist to aid in detecting vulnerable certificates and keys. This update adds RSA-4096 blacklists to the openssl-blacklist-extra package and adjusts openssl-vulnkey to properly handle RSA-4096 and...
USN-612-11: openssl-blacklist update
USN-612-3 addressed a weakness in OpenSSL certificate and key generation and introduced openssl-blacklist to aid in detecting vulnerable certificates and keys. This update adds RSA-4096 blocklists to the openssl-blacklist-extra package and adjusts openssl-vulnkey to properly handle RSA-4096 and...
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : openssl-blacklist update (USN-612-9)
USN-612-3 addressed a weakness in OpenSSL certificate and key generation in OpenVPN by introducing openssl-blacklist to aid in detecting vulnerable private keys. This update enhances the openssl-vulnkey tool to check Certificate Signing Requests, accept input from STDIN, and check moduli without ...
Ubuntu 7.04 / 7.10 / 8.04 LTS : openvpn regression (USN-612-10)
USN-612-3 addressed a weakness in OpenSSL certificate and key generation in OpenVPN by adding checks for vulnerable certificates and keys to OpenVPN. A regression was introduced in OpenVPN when using TLS with password protected certificates which caused OpenVPN to not start when used with...
USN-612-10: OpenVPN regression
USN-612-3 addressed a weakness in OpenSSL certificate and key generation in OpenVPN by adding checks for vulnerable certificates and keys to OpenVPN. A regression was introduced in OpenVPN when using TLS with password protected certificates which caused OpenVPN to not start when used with...
Debian Security Advisory DSA 1571-1 (openssl)
The remote host is missing an update to openssl announced via advisory DSA 1571-1. OpenVAS Vulnerability Test $Id: deb15711.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1571-1 openssl Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : openssl-blacklist update (USN-612-8)
USN-612-3 addressed a weakness in OpenSSL certificate and key generation in OpenVPN by introducing openssl-blacklist to aid in detecting vulnerable private keys. This update enhances the openssl-vulnkey tool to check X.509 certificates as well, and provides the corresponding update for Ubuntu 6.0...