720 matches found
CVE-2021-20579
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user who can create a view or inline SQL function to obtain sensitive information when AUTOREVAL is set to DEFFEREDFORCE. IBM X-Force ID: 199283...
CVE-2020-15077
OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...
CVE-2020-15077
OpenVPN Access Server 2.8.7 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...
OpenVPN 授权问题漏洞
Openvpn OpenVPN is a software package for creating virtual private network VPN encrypted channels from the US-based OpenVPN Openvpn, which uses the OpenSSL library to encrypt data and control information and allows the created VPN to be authenticated using a public key, an electronic certificate,...
PT-2021-9735 · Openvpn · Openvpn Access Server
Name of the Vulnerable Software and Affected Versions: OpenVPN Access Server versions 2.8.7 and earlier Description: The issue allows remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication. This can potentially be used to trigg...
OESA-2021-1197 openvpn security update
OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the...
OpenVPN Authentication Bypass Vulnerability
Openvpn OpenVPN is an American OpenVPN package for creating virtual private network VPN encrypted tunnels that uses the OpenSSL library to encrypt data and control information and allows the created VPN to be authenticated using a public key, an electronic certificate, or a username/password. A...
The vulnerability of the deferred_auth function in OpenVPN software allows a hacker to force the server to send the PUSH_REPLY message with VPN configuration details before sending the AUTH_FAILED message.
The vulnerability of the deferredauth function in OpenVPN software relates to bypassing authentication due to a fundamental error. Exploiting this vulnerability allows a remote attacker to force the server to send a PUSHREPLY message containing VPN configuration details before sending the...
DEBIAN-CVE-2020-15078
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...
ALPINE-CVE-2020-15078
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...
CVE-2020-15078
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...
UBUNTU-CVE-2020-15078
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...
CVE-2020-15078
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...
OpenVPN 访问控制错误漏洞
Openvpn OpenVPN is an American OpenVPN package for creating virtual private network VPN encrypted tunnels that uses the OpenSSL library to encrypt data and control information and allows the created VPN to be authenticated using a public key, an electronic certificate, or a username/password. A...
Vulnerability fixed in OpenVPN
A vulnerability has been fixed in OpenVPN. A malicious party could exploit the vulnerability to bypass authentication on an OpenVPN server configured to use "deferred authentication." Also, the malicious party can gain access gain access to information about the VPN settings. See the page below f...
PT-2021-2690 · Openvpn +5 · Openvpn +5
Name of the Vulnerable Software and Affected Versions: OpenVPN versions 2.5.1 and earlier Description: The issue allows a remote attacker to bypass authentication and access control channel data on servers configured with deferred authentication. This can potentially be used to trigger further...
FreeBSD : openvpn -- deferred authentication can be bypassed in specific circumstances (efb965be-a2c0-11eb-8956-1951a8617e30)
Gert Doring reports : OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks. %NASLMINLEVEL 70300 C Tenable Network...
openvpn -- deferred authentication can be bypassed in specific circumstances
Gert Döring reports: OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks...
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oracle Jul 2020 CPU plus one additional vulnerability and Oracle deferred from Jan 2020
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 SR10-FP65 and Version 8 SR6-FP10 used by IBM Tivoli Application Dependency Discovery Manager TADDM. These issues were disclosed as part of the IBM Java SDK updates in Jul2020 and some were deferred from...
bear (=0.1.0), proud-badge (>=0.0.1 <=0.0.5) +1 more potentially affected by CVE-2020-28438 via deferred-exec (=0.3.1)
deferred-exec NPM version =0.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on deferred-exec and may be impacted: - bear =0.1.0 - proud-badge =0.0.1, =0.0.1, =0.0.4 Source cves: CVE-2020-28438 Source advisory: SNYK:JS-DEFERREDEXEC-1050433...