20 matches found
CLSA-2025-1759485890 openvpn: Fix of CVE-2020-15078
CVE-2020-15078: fix authentication bypass and access to control channel data on servers configured with deferred authentication...
ROS-2-652
2.652 OpenVPN Authentication Bypass CVE-2020-15078 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass authentication and access restrictions to leak VPN configuration data. The issue only occurs on servers that are configured to use deferredauth. Under certain...
ROS-2-511
2.511 OpenVPN Authentication Bypass CVE-2020-15078 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass authentication and access restrictions to leak VPN configuration data. The issue only occurs on servers that are configured to use deferredauth. Under certain...
SUSE CVE-2020-15078
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...
Debian DLA-2992-1 : openvpn - LTS security update
The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2992 advisory. - OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code...
Mageia: Security Advisory (MGASA-2021-0302)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ROS-2-459
2.459 OpenVPN Authentication Bypass CVE-2020-15078 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass authentication and access restrictions to leak VPN configuration data. The issue only occurs on servers that are configured to use deferredauth. Under certain...
Important: openvpn
Issue Overview: OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks. CVE-2020-15078 Affected Packages: openvpn...
Updated openvpn packages fix a security vulnerability
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks CVE-2020-15078...
openSUSE Security Update : openvpn (openSUSE-2021-734)
This update for openvpn fixes the following issues : - CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. - CVE-2020-11810: Fixed race condition between allocating peer-id and initializing data channel key bsc1169925. - CVE-2018-7544: Fixed cross-protocol scripti...
SUSE SLES12 Security Update : openvpn (SUSE-SU-2021:1576-1)
This update for openvpn fixes the following issues : CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. CVE-2018-7544: Fixed cross-protocol scripting issue that was discovered in the management interface bsc1085803. Note that Tenable Network Security has extracte...
SUSE SLED15 / SLES15 Security Update : openvpn (SUSE-SU-2021:1577-1)
This update for openvpn fixes the following issues : CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. CVE-2020-11810: Fixed race condition between allocating peer-id and initializing data channel key bsc1169925. CVE-2018-7544: Fixed cross-protocol scripting iss...
SUSE-SU-2021:1576-1 Security update for openvpn
This update for openvpn fixes the following issues: - CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. - CVE-2018-7544: Fixed cross-protocol scripting issue that was discovered in the management interface bsc1085803...
SUSE-SU-2021:14723-1 Security update for openvpn-openssl1
This update for openvpn-openssl1 fixes the following issues: - CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. - CVE-2018-7544: Fixed cross-protocol scripting issue that was discovered in the management interface bsc1085803...
Ubuntu: Security Advisory (USN-4933-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS / 20.04 LTS : OpenVPN vulnerabilities (USN-4933-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4933-1 advisory. It was discovered that OpenVPN incorrectly handled certain data channel v2 packets. A remote attacker could possibly use this issue to inject...
UBUNTU-CVE-2020-15078
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...
CVE-2020-15078
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...
CVE-2020-15078
OpenVPN 2.5.1 and earlier versions are affected by CVE-2020-15078, permitting remote attackers to bypass authentication and access control and potentially trigger information leaks on servers configured with deferred authentication. The vulnerability affects the OpenVPN component responsible for ...
FreeBSD : openvpn -- deferred authentication can be bypassed in specific circumstances (efb965be-a2c0-11eb-8956-1951a8617e30)
Gert Doring reports : OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks. %NASLMINLEVEL 70300 C Tenable Network...