CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Openvpn » Openvpn : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-5455 1 +Priv 2014-08-25 2014-08-26
6.9
None Local Medium Not required Complete Complete Complete
Unquoted Windows search path vulnerability in the ptservice service in PrivateTunnel 2.3.8, as bundled in OpenVPN 2.1.28.0 allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder.
2 CVE-2013-2061 200 +Info 2013-11-17 2014-01-03
2.6
None Remote High Not required Partial None None
The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher.
3 CVE-2008-3459 16 Exec Code 2008-08-04 2011-04-12
7.6
None Remote High Not required Complete Complete Complete
Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted (1) lladdr and (2) iproute configuration directives, probably related to shell metacharacters.
4 CVE-2006-2229 DoS 2006-05-05 2008-09-05
4.0
None Remote High Not required Partial None Partial
OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service.
5 CVE-2006-1629 Exec Code 2006-04-06 2010-04-02
9.0
Admin Remote Low Single system Complete Complete Complete
OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable.
6 CVE-2005-3409 DoS 2005-11-01 2008-09-05
5.0
None Remote Low Not required None None Partial
OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service (segmentation fault) by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler.
7 CVE-2005-3393 Exec Code 2005-11-01 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Format string vulnerability in the foreign_option function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option.
8 CVE-2005-2534 DoS 2005-08-24 2008-09-05
2.6
None Remote High Not required None None Partial
Race condition in OpenVPN before 2.0.1, when --duplicate-cn is not enabled, allows remote attackers to cause a denial of service (server crash) via simultaneous TCP connections from multiple clients that use the same client certificate.
9 CVE-2005-2533 DoS 2005-08-24 2008-09-05
2.1
None Local Low Not required None None Partial
OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses.
10 CVE-2005-2532 DoS 2005-08-24 2008-09-05
5.0
None Remote Low Not required None None Partial
OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service (client disconnection) via a large number of packets that can not be decrypted.
11 CVE-2005-2531 DoS 2005-08-24 2008-09-05
5.0
None Remote Low Not required None None Partial
OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial of service (client disconnection) via a large number of failed authentication attempts.
Total number of vulnerabilities : 11   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.