Search CVE reports
1 – 10 of 47 results
The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local attacker to use symlinks pointing at an arbitrary directory, which will change the ownership and permissions of that destination directory.
1 affected package
openvpn3-client
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn3-client | Not in release | Not in release | Not in release | — |
OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase.
1 affected package
openvpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn | Fixed | Not affected | Not affected | Not affected |
OpenVPN before 2.6.11 does not sanitize PUSH_REPLY messages properly, which an attacker controlling the server can use to inject unexpected arbitrary data that ends up in client logs.
1 affected package
openvpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn | Fixed | Fixed | Fixed | Fixed |
OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to, allowing it to escalate its privileges.
1 affected package
openvpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn | Not affected | Not affected | Not affected | Not affected |
DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An...
29 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
connman | Ignored | Ignored | Ignored | Ignored |
gadmin-openvpn-client | Not in release | Not in release | Ignored | Ignored |
gadmin-openvpn-server | Not in release | Not in release | Ignored | Ignored |
golang-github-apparentlymart-go-openvpn-mgmt | Ignored | Ignored | Ignored | — |
kvpnc | Not in release | Not in release | Not in release | Ignored |
libreswan | Ignored | Ignored | Ignored | Ignored |
mozillavpn | Not in release | Ignored | Not in release | — |
n2n | Ignored | Ignored | Ignored | Ignored |
network-manager-fortisslvpn | Ignored | Ignored | Ignored | Ignored |
network-manager-iodine | Ignored | Ignored | Ignored | Ignored |
network-manager-l2tp | Ignored | Ignored | Ignored | Ignored |
network-manager-openconnect | Ignored | Ignored | Ignored | Ignored |
network-manager-openvpn | Ignored | Ignored | Ignored | Ignored |
network-manager-pptp | Ignored | Ignored | Ignored | Ignored |
network-manager-sstp | Ignored | Ignored | Not in release | — |
network-manager-strongswan | Ignored | Ignored | Ignored | Ignored |
network-manager-vpnc | Ignored | Ignored | Ignored | Ignored |
openconnect | Ignored | Ignored | Ignored | Ignored |
openfortivpn | Ignored | Ignored | Ignored | Ignored |
openvpn | Ignored | Ignored | Ignored | Ignored |
pptp-linux | Ignored | Ignored | Ignored | Ignored |
pptpd | Not in release | Ignored | Ignored | Ignored |
quicktun | Ignored | Ignored | Ignored | Ignored |
riseup-vpn | Ignored | Not in release | Not in release | — |
softether-vpn | Ignored | Ignored | Not in release | — |
sshuttle | Ignored | Ignored | Ignored | Ignored |
tinc | Ignored | Ignored | Ignored | Ignored |
vpnc | Ignored | Ignored | Ignored | Ignored |
wireguard | Ignored | Ignored | Ignored | Ignored |
OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients, which will extend the validity of a closing session.
1 affected package
openvpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn | Fixed | Not affected | Not affected | Not affected |
Buffer overflow in the extract_openvpn_cr function in openvpn-cr.c in openvpn-auth-ldap (aka the Three Rings Auth-LDAP plugin for OpenVPN) 2.0.4 allows attackers with a valid LDAP username and who can control...
1 affected package
openvpn-auth-ldap
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn-auth-ldap | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service.
1 affected package
openvpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn | Not affected | Not affected | Not affected | Not affected |
The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges.
1 affected package
openvpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn | Not affected | Not affected | Not affected | Not affected |
The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service.
1 affected package
openvpn
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
openvpn | Not affected | Not affected | Not affected | Not affected |