Vulnerabilites related to OpenVPN - Access Server
cve-2023-46850
Vulnerability from cvelistv5
Published
2023-11-11 00:15
Modified
2025-02-13 17:14
Severity ?
EPSS score ?
Summary
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | OpenVPN | OpenVPN 2 (Community) |
Version: 2.6.0 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T20:53:21.910Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://community.openvpn.net/openvpn/wiki/CVE-2023-46850", }, { tags: [ "x_transferred", ], url: "https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/", }, { tags: [ "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5555", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE/", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-46850", options: [ { Exploitation: "None", }, { Automatable: "yes", }, { "Technical Impact": "Total", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T21:43:36.505056Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-08T21:44:02.391Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "OpenVPN 2 (Community)", vendor: "OpenVPN", versions: [ { lessThanOrEqual: "2.6.6", status: "affected", version: "2.6.0", versionType: "minor release", }, ], }, { defaultStatus: "unaffected", platforms: [ "Linux", ], product: "Access Server", vendor: "OpenVPN", versions: [ { lessThanOrEqual: "2.11.3", status: "affected", version: "2.11.0", versionType: "patch release", }, { lessThanOrEqual: "2.12.2", status: "affected", version: "2.12.0", versionType: "patch release", }, ], }, ], descriptions: [ { lang: "en", value: "Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-29T02:06:20.991Z", orgId: "36a55730-e66d-4d39-8ca6-3c3b3017965e", shortName: "OpenVPN", }, references: [ { url: "https://community.openvpn.net/openvpn/wiki/CVE-2023-46850", }, { url: "https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/", }, { url: "https://www.debian.org/security/2023/dsa-5555", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE/", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4/", }, ], }, }, cveMetadata: { assignerOrgId: "36a55730-e66d-4d39-8ca6-3c3b3017965e", assignerShortName: "OpenVPN", cveId: "CVE-2023-46850", datePublished: "2023-11-11T00:15:07.076Z", dateReserved: "2023-10-27T13:38:49.496Z", dateUpdated: "2025-02-13T17:14:45.269Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-46849
Vulnerability from cvelistv5
Published
2023-11-11 00:05
Modified
2025-02-13 17:14
Severity ?
EPSS score ?
Summary
Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | OpenVPN | OpenVPN 2 (Community) |
Version: 2.6.0 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T20:53:21.915Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://community.openvpn.net/openvpn/wiki/CVE-2023-46849", }, { tags: [ "x_transferred", ], url: "https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/", }, { tags: [ "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5555", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE/", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "OpenVPN 2 (Community)", vendor: "OpenVPN", versions: [ { lessThanOrEqual: "2.6.6", status: "affected", version: "2.6.0", versionType: "minor release", }, ], }, { defaultStatus: "unaffected", platforms: [ "Linux", ], product: "Access Server", vendor: "OpenVPN", versions: [ { lessThanOrEqual: "2.11.3", status: "affected", version: "2.11.0", versionType: "patch release", }, { lessThanOrEqual: "2.12.1", status: "affected", version: "2.12.0", versionType: "patch release", }, ], }, ], descriptions: [ { lang: "en", value: "Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-369", description: "CWE-369 Divide By Zero", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-29T02:06:19.217Z", orgId: "36a55730-e66d-4d39-8ca6-3c3b3017965e", shortName: "OpenVPN", }, references: [ { url: "https://community.openvpn.net/openvpn/wiki/CVE-2023-46849", }, { url: "https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/", }, { url: "https://www.debian.org/security/2023/dsa-5555", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE/", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4/", }, ], }, }, cveMetadata: { assignerOrgId: "36a55730-e66d-4d39-8ca6-3c3b3017965e", assignerShortName: "OpenVPN", cveId: "CVE-2023-46849", datePublished: "2023-11-11T00:05:13.487Z", dateReserved: "2023-10-27T13:38:49.496Z", dateUpdated: "2025-02-13T17:14:44.708Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
var-200605-0584
Vulnerability from variot
OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service. OpenVPN is prone to a denial-of-service vulnerability
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200605-0584", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "openvpn", scope: "eq", trust: 1.9, vendor: "openvpn", version: "2.0", }, { model: "openvpn", scope: "eq", trust: 1.6, vendor: "openvpn", version: "2.0_beta5", }, { model: "openvpn", scope: "eq", trust: 1.6, vendor: "openvpn", version: "2.0_beta18", }, { model: "openvpn", scope: "eq", trust: 1.6, vendor: "openvpn", version: "2.0_beta3", }, { model: "openvpn", scope: "eq", trust: 1.6, vendor: "openvpn", version: "2.0_beta4", }, { model: "openvpn", scope: "eq", trust: 1.6, vendor: "openvpn", version: "2.0_beta6", }, { model: "openvpn", scope: "eq", trust: 1.6, vendor: "openvpn", version: "2.0_beta20", }, { model: "openvpn", scope: "eq", trust: 1.6, vendor: "openvpn", version: "2.0_beta28", }, { model: "openvpn", scope: "eq", trust: 1.6, vendor: "openvpn", version: "2.0_beta7", }, { model: "openvpn", scope: "eq", trust: 1.6, vendor: "openvpn", version: "2.0_beta2", }, { model: "openvpn", scope: "eq", trust: 1.6, vendor: "openvpn", version: "2.0_beta19", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test10", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test25", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc13", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_beta12", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc7", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_beta16", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test26", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_beta15", }, { model: "access server", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.5", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_beta8", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_beta13", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc20", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc11", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_beta11", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_beta1", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc4", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test22", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test2", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test4", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.2_rc1", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc1", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc8", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_beta17", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc15", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test14", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test17", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test20", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test15", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.1_rc6", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc6", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc3", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc21", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.6_rc1", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test21", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_beta10", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc19", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test11", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.1_rc7", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test6", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc5", }, { model: "access server", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.2", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc17", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc2", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test5", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.1_rc1", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc14", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test27", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.3_rc1", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc10", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.1_rc5", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.1_rc2", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test19", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test1", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test29", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test18", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test3", }, { model: "access server", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.6", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_beta9", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.1_rc4", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test9", }, { model: "access server", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.1", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test12", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test23", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test24", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.4", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.1_rc3", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc18", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc12", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test7", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test16", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc9", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_rc16", }, { model: "openvpn", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0_test8", }, { model: "access server", scope: "eq", trust: 1, vendor: "openvpn", version: "2.0.7", }, { model: "openvpn", scope: "eq", trust: 0.9, vendor: "openvpn", version: "2.0.1", }, { model: "2.0.1 rc1", scope: null, trust: 0.6, vendor: "openvpn", version: null, }, { model: "2.0.1 rc2", scope: null, trust: 0.6, vendor: "openvpn", version: null, }, { model: "2.0.1 rc3", scope: null, trust: 0.6, vendor: "openvpn", version: null, }, { model: "2.0.1 rc4", scope: null, trust: 0.6, vendor: "openvpn", version: null, }, { model: "2.0.1 rc5", scope: null, trust: 0.6, vendor: "openvpn", version: null, }, { model: "openvpn", scope: "eq", trust: 0.3, vendor: "openvpn", version: "3.1.3", }, { model: "openvpn", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0.7", }, { model: "rc5", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0.1", }, { model: "rc4", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0.1", }, { model: "rc3", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0.1", }, { model: "rc2", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0.1", }, { model: "rc1", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0.1", }, { model: "rc1", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0.6", }, { model: "openvpn", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0.6", }, { model: "openvpn", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0.5", }, { model: "rc1", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0.3", }, { model: "rc1", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0.2", }, { model: "openvpn", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0.2", }, { model: "rc7", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0.1", }, { model: "rc6", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0.1", }, { model: "test9", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test8", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test7", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test6", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test5", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test4", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test3", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test29", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test27", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test26", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test25", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test24", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test23", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test22", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test21", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test20", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test2", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test19", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test18", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test17", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test16", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test15", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test14", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test12", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test11", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test10", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "test1", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc9", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc8", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc7", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc6", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc5", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc4", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc3", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc21", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc20", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc2", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc19", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc18", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc17", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc16", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc15", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc14", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc13", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc12", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc11", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc10", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "rc1", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta9", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta8", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta7", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta6", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta5", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta4", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta3", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta28", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta20", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta2", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta19", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta18", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta17", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta16", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta15", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta13", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta12", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta11", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta10", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, { model: "beta1", scope: "eq", trust: 0.3, vendor: "openvpn", version: "2.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2006-2916", }, { db: "BID", id: "87623", }, { db: "CNNVD", id: "CNNVD-200605-102", }, { db: "NVD", id: "CVE-2006-2229", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Unknown", sources: [ { db: "BID", id: "87623", }, ], trust: 0.3, }, cve: "CVE-2006-2229", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "PARTIAL", exploitabilityScore: 4.9, id: "CVE-2006-2229", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1, vectorString: "AV:N/AC:H/Au:N/C:P/I:N/A:P", version: "2.0", }, { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "PARTIAL", exploitabilityScore: 4.9, id: "CNVD-2006-2916", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:H/Au:N/C:P/I:N/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "nvd@nist.gov", id: "CVE-2006-2229", trust: 1, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2006-2916", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-200605-102", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2006-2916", }, { db: "CNNVD", id: "CNNVD-200605-102", }, { db: "NVD", id: "CVE-2006-2229", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service. OpenVPN is prone to a denial-of-service vulnerability", sources: [ { db: "NVD", id: "CVE-2006-2229", }, { db: "CNVD", id: "CNVD-2006-2916", }, { db: "BID", id: "87623", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2006-2229", trust: 2.5, }, { db: "OSVDB", id: "25660", trust: 1.6, }, { db: "CNVD", id: "CNVD-2006-2916", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-200605-102", trust: 0.6, }, { db: "BID", id: "87623", trust: 0.3, }, ], sources: [ { db: "CNVD", id: "CNVD-2006-2916", }, { db: "BID", id: "87623", }, { db: "CNNVD", id: "CNNVD-200605-102", }, { db: "NVD", id: "CVE-2006-2229", }, ], }, id: "VAR-200605-0584", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2006-2916", }, ], trust: 1.35, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2006-2916", }, ], }, last_update_date: "2024-11-23T23:07:05.149000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-Other", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2006-2229", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.9, url: "http://openvpn.net/man.html", }, { trust: 1.6, url: "http://www.securityfocus.com/archive/1/432863/100/0/threaded", }, { trust: 1.6, url: "http://www.osvdb.org/25660", }, { trust: 1.6, url: "http://www.securityfocus.com/archive/1/432867/100/0/threaded", }, { trust: 1.6, url: "http://www.securityfocus.com/archive/1/433000/100/0/threaded", }, { trust: 0.9, url: "http://www.securityfocus.com/archive/1/archive/1/432863/100/0/threaded", }, { trust: 0.3, url: "http://www.securityfocus.com/archive/1/archive/1/433000/100/0/threaded", }, { trust: 0.3, url: "http://www.securityfocus.com/archive/1/archive/1/432867/100/0/threaded", }, ], sources: [ { db: "CNVD", id: "CNVD-2006-2916", }, { db: "BID", id: "87623", }, { db: "CNNVD", id: "CNNVD-200605-102", }, { db: "NVD", id: "CVE-2006-2229", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2006-2916", }, { db: "BID", id: "87623", }, { db: "CNNVD", id: "CNNVD-200605-102", }, { db: "NVD", id: "CVE-2006-2229", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2006-05-05T00:00:00", db: "CNVD", id: "CNVD-2006-2916", }, { date: "2006-05-05T00:00:00", db: "BID", id: "87623", }, { date: "2006-05-05T00:00:00", db: "CNNVD", id: "CNNVD-200605-102", }, { date: "2006-05-05T19:02:00", db: "NVD", id: "CVE-2006-2229", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2006-05-05T00:00:00", db: "CNVD", id: "CNVD-2006-2916", }, { date: "2006-05-05T00:00:00", db: "BID", id: "87623", }, { date: "2020-05-13T00:00:00", db: "CNNVD", id: "CNNVD-200605-102", }, { date: "2024-11-21T00:10:50.520000", db: "NVD", id: "CVE-2006-2229", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-200605-102", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "OpenVPN management interface TCP session information disclosure vulnerability", sources: [ { db: "CNVD", id: "CNVD-2006-2916", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-200605-102", }, ], trust: 0.6, }, }