Download
| Alert*
|
oval:org.secpod.oval:def:71927
The host is installed with OpenVPN before 2.3.18 or 2.4.x before 2.4.4 and is prone to an out of bounds write vulnerability. A flaw is present in the application, which fails to properly handle an issue in key-method 1. Successful exploitation could possibly result in code execution. oval:org.secpod.oval:def:1800709 OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. Fixed In Version: openvpn 2.3.18, openvpn 2.4.4 oval:org.secpod.oval:def:1600804 OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution oval:org.secpod.oval:def:89044841 This update for openvpn fixes the following security issues: - CVE-2017-12166: OpenVPN was vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. - CVE-2016-6329: Now show which ciphers should no longer be used in openvpn --show-ciphers to avoi ... oval:org.secpod.oval:def:89044672 This update for openvpn fixes the following issues: - CVE-2017-12166: Lack of bound check in read_key in old legacy key handling before using values could be used for a remote buffer overflow . oval:org.secpod.oval:def:1900662 OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. oval:org.secpod.oval:def:113288 OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for compres ... oval:org.secpod.oval:def:113380 OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for compres ... oval:org.secpod.oval:def:2000707 OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. oval:org.secpod.oval:def:1800443 OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. Fixed In Version openvpn 2.3.18, openvpn 2.4.4 oval:org.secpod.oval:def:1800349 OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. Fixed In Version: openvpn 2.3.18, openvpn 2.4.4 oval:org.secpod.oval:def:113608 OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for compres ... |
