9 matches found
SUSE: Security Advisory (SUSE-SU-2013:1783-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE 11.2 Security Update : openvpn (SAT Patch Number 8496)
OpenVPN used a non-constant-time memcmp in HMAC comparison in openvpndecrypt that might have allowed remote attackers to gain knowledge of plaintext data. CVE-2013-2061 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
SuSE 11.3 Security Update : openvpn (SAT Patch Number 8493)
OpenVPN used a non-constant-time memcmp in HMAC comparison in openvpndecrypt that might have allowed remote attackers to gain knowledge of plaintext data. CVE-2013-2061 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
KLA10281 OSI vulnerability in OpenVPN
An unspecified vulnerability was found in OpenVPN. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a timing attack. Original advisories - Related products OpenVPN CVE list CVE-2013-2061 warning Solution Update to...
Amazon Linux AMI : openvpn (ALAS-2013-201)
The openvpndecrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher. ...
Low: openvpn
Issue Overview: The openvpndecrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the C...
Mandriva Linux Security Advisory : openvpn (MDVSA-2013:167)
Updated openvpn package fixes security vulnerability : OpenVPN 2.3.0 and earlier running in UDP mode are subject to chosen ciphertext injection due to a non-constant-time HMAC comparison function. Plaintext recovery may be possible using a padding oracle attack on the CBC mode cipher implementati...
Fedora Update for openvpn FEDORA-2013-7552
Check for the Version of openvpn OpenVAS Vulnerability Test Fedora Update for openvpn FEDORA-2013-7552 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for openvpn FEDORA-2013-7552
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...