All the vulnerabilites related to OpenVPN - Access Server
var-200605-0584
Vulnerability from variot
OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service. OpenVPN is prone to a denial-of-service vulnerability
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200605-0584", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "openvpn", "scope": "eq", "trust": 1.9, "vendor": "openvpn", "version": "2.0" }, { "model": "openvpn", "scope": "eq", "trust": 1.6, "vendor": "openvpn", "version": "2.0_beta28" }, { "model": "openvpn", "scope": "eq", "trust": 1.6, "vendor": "openvpn", "version": "2.0_beta7" }, { "model": "openvpn", "scope": "eq", "trust": 1.6, "vendor": "openvpn", "version": "2.0_beta19" }, { "model": "openvpn", "scope": "eq", "trust": 1.6, "vendor": "openvpn", "version": "2.0_beta20" }, { "model": "openvpn", "scope": "eq", "trust": 1.6, "vendor": "openvpn", "version": "2.0_beta5" }, { "model": "openvpn", "scope": "eq", "trust": 1.6, "vendor": "openvpn", "version": "2.0_beta18" }, { "model": "openvpn", "scope": "eq", "trust": 1.6, "vendor": "openvpn", "version": "2.0_beta6" }, { "model": "openvpn", "scope": "eq", "trust": 1.6, "vendor": "openvpn", "version": "2.0_beta4" }, { "model": "openvpn", "scope": "eq", "trust": 1.6, "vendor": "openvpn", "version": "2.0_beta2" }, { "model": "openvpn", "scope": "eq", "trust": 1.6, "vendor": "openvpn", "version": "2.0_beta3" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc13" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test9" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc4" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.4" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc11" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.1_rc7" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc12" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test14" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.6_rc1" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test25" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.1_rc6" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test6" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test8" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_beta1" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc15" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_beta9" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_beta10" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc7" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc6" }, { "model": "access server", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.1" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test22" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.1_rc4" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc9" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test27" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test10" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test12" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test2" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test24" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.2_rc1" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc8" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_beta13" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test19" }, { "model": "access server", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.2" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc14" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc20" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_beta17" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.1_rc3" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.1_rc2" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc17" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test20" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_beta16" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.1_rc5" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_beta11" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc5" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test18" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc19" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_beta15" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test7" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_beta12" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test26" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test4" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_beta8" }, { "model": "access server", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.6" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.3_rc1" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc10" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc1" }, { "model": "access server", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.5" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc2" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc3" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc18" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc16" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test21" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.1_rc1" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test16" }, { "model": "access server", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0.7" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test1" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test5" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test15" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test3" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test11" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_rc21" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test23" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test29" }, { "model": "openvpn", "scope": "eq", "trust": 1.0, "vendor": "openvpn", "version": "2.0_test17" }, { "model": "openvpn", "scope": "eq", "trust": 0.9, "vendor": "openvpn", "version": "2.0.1" }, { "model": "2.0.1 rc1", "scope": null, "trust": 0.6, "vendor": "openvpn", "version": null }, { "model": "2.0.1 rc2", "scope": null, "trust": 0.6, "vendor": "openvpn", "version": null }, { "model": "2.0.1 rc3", "scope": null, "trust": 0.6, "vendor": "openvpn", "version": null }, { "model": "2.0.1 rc4", "scope": null, "trust": 0.6, "vendor": "openvpn", "version": null }, { "model": "2.0.1 rc5", "scope": null, "trust": 0.6, "vendor": "openvpn", "version": null }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "3.1.3" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.7" }, { "model": "rc5", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.1" }, { "model": "rc4", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.1" }, { "model": "rc3", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.1" }, { "model": "rc2", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.1" }, { "model": "rc1", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.1" }, { "model": "rc1", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.6" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.6" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.5" }, { "model": "rc1", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.3" }, { "model": "rc1", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.2" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.2" }, { "model": "rc7", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.1" }, { "model": "rc6", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.1" }, { "model": "test9", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test8", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test7", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test6", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test5", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test4", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test3", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test29", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test27", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test26", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test25", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test24", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test23", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test22", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test21", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test20", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test2", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test19", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test18", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test17", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test16", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test15", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test14", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test12", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test11", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test10", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "test1", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc9", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc8", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc7", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc6", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc5", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc4", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc3", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc21", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc20", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc2", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc19", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc18", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc17", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc16", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc15", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc14", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc13", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc12", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc11", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc10", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "rc1", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta9", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta8", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta7", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta6", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta5", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta4", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta3", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta28", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta20", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta2", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta19", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta18", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta17", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta16", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta15", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta13", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta12", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta11", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta10", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "beta1", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2006-2916" }, { "db": "BID", "id": "87623" }, { "db": "NVD", "id": "CVE-2006-2229" }, { "db": "CNNVD", "id": "CNNVD-200605-102" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn_access_server:2.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0.1_rc7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn_access_server:2.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0.2_rc1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0.1_rc3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0.1_rc4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn_access_server:2.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn_access_server:2.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0.1_rc1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0.1_rc2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0.3_rc1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0.1_rc5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0.1_rc6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0.6_rc1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn_access_server:2.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_beta5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_rc9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test25:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvpn:openvpn:2.0_test8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2006-2229" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Unknown", "sources": [ { "db": "BID", "id": "87623" } ], "trust": 0.3 }, "cve": "CVE-2006-2229", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 4.9, "impactScore": 4.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 4.9, "id": "CNVD-2006-2916", "impactScore": 4.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2006-2229", "trust": 1.0, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2006-2916", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-200605-102", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2006-2916" }, { "db": "NVD", "id": "CVE-2006-2229" }, { "db": "CNNVD", "id": "CNNVD-200605-102" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service. OpenVPN is prone to a denial-of-service vulnerability", "sources": [ { "db": "NVD", "id": "CVE-2006-2229" }, { "db": "CNVD", "id": "CNVD-2006-2916" }, { "db": "BID", "id": "87623" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2006-2229", "trust": 2.5 }, { "db": "OSVDB", "id": "25660", "trust": 1.6 }, { "db": "CNVD", "id": "CNVD-2006-2916", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-200605-102", "trust": 0.6 }, { "db": "BID", "id": "87623", "trust": 0.3 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2006-2916" }, { "db": "BID", "id": "87623" }, { "db": "NVD", "id": "CVE-2006-2229" }, { "db": "CNNVD", "id": "CNNVD-200605-102" } ] }, "id": "VAR-200605-0584", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2006-2916" } ], "trust": 1.35 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2006-2916" } ] }, "last_update_date": "2023-12-18T14:06:53.469000Z", "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2006-2229" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.9, "url": "http://openvpn.net/man.html" }, { "trust": 1.6, "url": "http://www.osvdb.org/25660" }, { "trust": 1.6, "url": "http://www.securityfocus.com/archive/1/432863/100/0/threaded" }, { "trust": 1.6, "url": "http://www.securityfocus.com/archive/1/432867/100/0/threaded" }, { "trust": 1.6, "url": "http://www.securityfocus.com/archive/1/433000/100/0/threaded" }, { "trust": 0.9, "url": "http://www.securityfocus.com/archive/1/archive/1/432863/100/0/threaded" }, { "trust": 0.3, "url": "http://www.securityfocus.com/archive/1/archive/1/433000/100/0/threaded" }, { "trust": 0.3, "url": "http://www.securityfocus.com/archive/1/archive/1/432867/100/0/threaded" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2006-2916" }, { "db": "BID", "id": "87623" }, { "db": "NVD", "id": "CVE-2006-2229" }, { "db": "CNNVD", "id": "CNNVD-200605-102" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2006-2916" }, { "db": "BID", "id": "87623" }, { "db": "NVD", "id": "CVE-2006-2229" }, { "db": "CNNVD", "id": "CNNVD-200605-102" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2006-05-05T00:00:00", "db": "CNVD", "id": "CNVD-2006-2916" }, { "date": "2006-05-05T00:00:00", "db": "BID", "id": "87623" }, { "date": "2006-05-05T19:02:00", "db": "NVD", "id": "CVE-2006-2229" }, { "date": "2006-05-05T00:00:00", "db": "CNNVD", "id": "CNNVD-200605-102" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2006-05-05T00:00:00", "db": "CNVD", "id": "CNVD-2006-2916" }, { "date": "2006-05-05T00:00:00", "db": "BID", "id": "87623" }, { "date": "2020-05-12T14:21:29.940000", "db": "NVD", "id": "CVE-2006-2229" }, { "date": "2020-05-13T00:00:00", "db": "CNNVD", "id": "CNNVD-200605-102" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-200605-102" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "OpenVPN management interface TCP session information disclosure vulnerability", "sources": [ { "db": "CNVD", "id": "CNVD-2006-2916" } ], "trust": 0.6 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-200605-102" } ], "trust": 0.6 } }
cve-2023-46850
Vulnerability from cvelistv5
Published
2023-11-11 00:15
Modified
2024-08-02 20:53
Severity ?
EPSS score ?
Summary
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | OpenVPN | OpenVPN 2 (Community) |
Version: 2.6.0 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T20:53:21.910Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://community.openvpn.net/openvpn/wiki/CVE-2023-46850" }, { "tags": [ "x_transferred" ], "url": "https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5555" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "OpenVPN 2 (Community)", "vendor": "OpenVPN", "versions": [ { "lessThanOrEqual": "2.6.6", "status": "affected", "version": "2.6.0", "versionType": "minor release" } ] }, { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Access Server", "vendor": "OpenVPN", "versions": [ { "lessThanOrEqual": "2.11.3", "status": "affected", "version": "2.11.0", "versionType": "patch release" }, { "lessThanOrEqual": "2.12.2", "status": "affected", "version": "2.12.0", "versionType": "patch release" } ] } ], "descriptions": [ { "lang": "en", "value": "Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-11T00:15:07.076Z", "orgId": "36a55730-e66d-4d39-8ca6-3c3b3017965e", "shortName": "OpenVPN" }, "references": [ { "url": "https://community.openvpn.net/openvpn/wiki/CVE-2023-46850" }, { "url": "https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/" }, { "url": "https://www.debian.org/security/2023/dsa-5555" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4/" } ] } }, "cveMetadata": { "assignerOrgId": "36a55730-e66d-4d39-8ca6-3c3b3017965e", "assignerShortName": "OpenVPN", "cveId": "CVE-2023-46850", "datePublished": "2023-11-11T00:15:07.076Z", "dateReserved": "2023-10-27T13:38:49.496Z", "dateUpdated": "2024-08-02T20:53:21.910Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-46849
Vulnerability from cvelistv5
Published
2023-11-11 00:05
Modified
2024-08-02 20:53
Severity ?
EPSS score ?
Summary
Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | OpenVPN | OpenVPN 2 (Community) |
Version: 2.6.0 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T20:53:21.915Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://community.openvpn.net/openvpn/wiki/CVE-2023-46849" }, { "tags": [ "x_transferred" ], "url": "https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5555" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "OpenVPN 2 (Community)", "vendor": "OpenVPN", "versions": [ { "lessThanOrEqual": "2.6.6", "status": "affected", "version": "2.6.0", "versionType": "minor release" } ] }, { "defaultStatus": "unaffected", "platforms": [ "Linux" ], "product": "Access Server", "vendor": "OpenVPN", "versions": [ { "lessThanOrEqual": "2.11.3", "status": "affected", "version": "2.11.0", "versionType": "patch release" }, { "lessThanOrEqual": "2.12.1", "status": "affected", "version": "2.12.0", "versionType": "patch release" } ] } ], "descriptions": [ { "lang": "en", "value": "Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-369", "description": "CWE-369 Divide By Zero", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-11T00:05:13.487Z", "orgId": "36a55730-e66d-4d39-8ca6-3c3b3017965e", "shortName": "OpenVPN" }, "references": [ { "url": "https://community.openvpn.net/openvpn/wiki/CVE-2023-46849" }, { "url": "https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/" }, { "url": "https://www.debian.org/security/2023/dsa-5555" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4/" } ] } }, "cveMetadata": { "assignerOrgId": "36a55730-e66d-4d39-8ca6-3c3b3017965e", "assignerShortName": "OpenVPN", "cveId": "CVE-2023-46849", "datePublished": "2023-11-11T00:05:13.487Z", "dateReserved": "2023-10-27T13:38:49.496Z", "dateUpdated": "2024-08-02T20:53:21.915Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }