Search CVE reports
1 – 10 of 47 results
The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local attacker to use symlinks pointing at an arbitrary directory which will change the ownership and permissions of that destination directory.
1 affected package
openvpn3-client
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn3-client | Not in release | Not in release | Not in release | — |
OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges
1 affected package
openvpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn | Not affected | Not affected | Not affected | Not affected |
OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase
1 affected package
openvpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn | Fixed | Not affected | Not affected | Not affected |
tap-windows6 driver version 9.26 and earlier does not properly check the size data of incomming write operations which an attacker can use to overflow memory buffers, resulting in a bug check and potentially arbitrary code...
1 affected package
openvpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn | Not affected | Not affected | Not affected | Not affected |
OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service.
1 affected package
openvpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn | Not affected | Not affected | Not affected | Not affected |
The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges.
1 affected package
openvpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn | Not affected | Not affected | Not affected | Not affected |
The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service.
1 affected package
openvpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn | Not affected | Not affected | Not affected | Not affected |
Buffer overflow in the extract_openvpn_cr function in openvpn-cr.c in openvpn-auth-ldap (aka the Three Rings Auth-LDAP plugin for OpenVPN) 2.0.4 allows attackers with a valid LDAP username and who can control...
1 affected package
openvpn-auth-ldap
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn-auth-ldap | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.
1 affected package
openvpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn | Fixed | Fixed | Fixed | Fixed |
OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session
1 affected package
openvpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn | Fixed | Not affected | Not affected | Not affected |