Search for packages
| purl | pkg:deb/debian/openvpn@2.0.9-4 |
| Next non-vulnerable version | 2.6.3-1+deb12u4 |
| Latest non-vulnerable version | 2.6.3-1+deb12u4 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3d2h-6g1w-vyb5
Aliases: CVE-2008-3459 |
openvpn: client command execution through remotely received configuration directives |
Affected by 13 other vulnerabilities. |
|
VCID-5ufa-f13v-8uea
Aliases: CVE-2013-2061 |
Multiple vulnerabilities have been found in OpenVPN, allowing remote attackers to read encrypted traffic. |
Affected by 12 other vulnerabilities. |
|
VCID-69y7-qv5p-gqar
Aliases: CVE-2020-11810 |
An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 (P_DATA_V2) packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters have been initialized, the victim's connection will be dropped. This requires careful timing due to the small time window (usually within a few seconds) between the victim client connection starting and the server PUSH_REPLY response back to the client. This attack will only work if Negotiable Cipher Parameters (NCP) is in use. |
Affected by 2 other vulnerabilities. |
|
VCID-crrt-th9e-z3ay
Aliases: CVE-2017-7479 |
OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker. |
Affected by 9 other vulnerabilities. |
|
VCID-faqk-wzr3-77be
Aliases: CVE-2022-0547 |
Multiple vulnerabilities have been discovered in OpenVPN, the worst of which could lead to information disclosure. |
Affected by 0 other vulnerabilities. |
|
VCID-htt5-x61p-2qar
Aliases: CVE-2024-5594 |
OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs. |
Affected by 0 other vulnerabilities. |
|
VCID-j1d4-djxq-dqct
Aliases: CVE-2020-15078 |
A vulnerability has been found in OpenVPN, allowing attackers to bypass the authentication process. |
Affected by 2 other vulnerabilities. |
|
VCID-n8nh-wf64-8fgr
Aliases: CVE-2017-7508 |
security update |
Affected by 11 other vulnerabilities. Affected by 9 other vulnerabilities. Affected by 4 other vulnerabilities. |
|
VCID-rkee-udq8-afg2
Aliases: CVE-2017-7522 |
openvpn: Multiple security issues fixed in OpenVPN 2.4.3 and 2.3.17 |
Affected by 4 other vulnerabilities. |
|
VCID-ruzb-y7qd-nfgc
Aliases: CVE-2017-12166 |
OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. |
Affected by 4 other vulnerabilities. |
|
VCID-vucu-2pfy-93ds
Aliases: CVE-2017-7521 |
security update |
Affected by 11 other vulnerabilities. Affected by 9 other vulnerabilities. Affected by 4 other vulnerabilities. |
|
VCID-wk2j-j9y1-5yhp
Aliases: CVE-2017-7478 |
OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2. |
Affected by 9 other vulnerabilities. |
|
VCID-ydbr-c3uf-zbfb
Aliases: CVE-2014-8104 |
A vulnerability in OpenVPN could lead to Denial of Service. |
Affected by 13 other vulnerabilities. Affected by 11 other vulnerabilities. |
|
VCID-zuyu-zw1g-uqg7
Aliases: CVE-2017-7520 |
security update |
Affected by 11 other vulnerabilities. Affected by 9 other vulnerabilities. Affected by 4 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1ua8-gb48-27bp | OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses. |
CVE-2005-2533
|
| VCID-5sv2-yh8n-cubr | OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service (client disconnection) via a large number of packets that can not be decrypted. |
CVE-2005-2532
|
| VCID-7z4a-jb81-k3ct | OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable. |
CVE-2006-1629
|
| VCID-9pep-1c3x-vyen | OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial of service (client disconnection) via a large number of failed authentication attempts. |
CVE-2005-2531
|
| VCID-dqae-zqkh-mqdf | The OpenVPN client is potentially vulnerable to the execution of arbitrary code and the OpenVPN server is vulnerable to a Denial of Service issue. |
CVE-2005-3393
|
| VCID-hdnv-2fe2-wqax | Race condition in OpenVPN before 2.0.1, when --duplicate-cn is not enabled, allows remote attackers to cause a denial of service (server crash) via simultaneous TCP connections from multiple clients that use the same client certificate. |
CVE-2005-2534
|
| VCID-vxf8-ysa7-3qcu | The OpenVPN client is potentially vulnerable to the execution of arbitrary code and the OpenVPN server is vulnerable to a Denial of Service issue. |
CVE-2005-3409
|