15 matches found
SUSE: Security Advisory (SUSE-SU-2017:1718-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1635-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : openvpn (2017-f8a114cd09)
Updates to the latest upstream OpenVPN 2.4.3, containing security updates for CVE-2017-7508, CVE-2017-7520 and CVE-2017-7521. This update also re-enables automatic restart of OpenVPN on the next updates. For this update, the restart needs to be done manually. Note that Tenable Network Security ha...
Authentication flaw
Red Hat 3scale aka RH-3scale API Management Platform AMP before 2.0.0 would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to restricted APIs. NOTE: some sources have a typo in which CVE-2017-7512...
Fedora 24 : openvpn (2017-5596f2f94d)
Updates to the latest upstream OpenVPN 2.3.17, containing security updates for CVE-2017-7508, CVE-2017-7520 and CVE-2017-7521. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically...
Fedora Update for openvpn FEDORA-2017-5596f2f94d
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-3900-1 : openvpn - security update
Several issues were discovered in openvpn, a virtual private network application. - CVE-2017-7479 It was discovered that openvpn did not properly handle the rollover of packet identifiers. This would allow an authenticated remote attacker to cause a denial-of-service via application crash. -...
Amazon Linux AMI : openvpn (ALAS-2017-852)
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet. CVE-2017-7508 OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an...
[SECURITY] [DSA 3900-1] openvpn security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3900-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 27, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3900-1] openvpn security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3900-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 27, 2017 https://www.debian.org/security/faq -...
CVE-2017-7521
OpenVPN vulnerability CVE-2017-7521 affects OpenVPN versions before 2.4.3 and before 2.3.17, where memory exhaustion via a memory leaks and a double-free in extract_x509_extension() enables remote denial-of-service. Debian/DSA advisories list fixed releases (e.g., 2.4.0-6+deb9u1, 2.4.3-1, etc.). ...
Debian: Security Advisory (DSA-3900-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-7521
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extractx509extension...
Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : openvpn (SSA:2017-172-01)
New openvpn packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2017-172-01. The...
[ASA-201706-27] openvpn: multiple issues
Arch Linux Security Advisory ASA-201706-27 ========================================== Severity: Critical Date : 2017-06-22 CVE-ID : CVE-2017-7508 CVE-2017-7512 CVE-2017-7520 CVE-2017-7521 Package : openvpn Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-318 Summary...