Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openvpn openvpn 2.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-12166
OpenVPN versions prior to 2.3.3 and 2.4.x prior to 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.
Openvpn Openvpn
Debian Debian Linux 9.0
NA
CVE-2014-8104
OpenVPN 2.x prior to 2.0.11, 2.1.x, 2.2.x prior to 2.2.3, and 2.3.x prior to 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.
Mageia Mageia 4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Openvpn Openvpn 2.0 Rc9
Openvpn Openvpn 2.1
Openvpn Openvpn 2.0 Test19
Openvpn Openvpn 2.0 Test17
Openvpn Openvpn 2.0 Test28
Openvpn Openvpn 2.0 Test10
Openvpn Openvpn 2.2
Openvpn Openvpn 2.0 Test23
Openvpn Openvpn 2.2.2
Openvpn Openvpn 2.3
Openvpn Openvpn 2.0.1 Rc3
Openvpn Openvpn 2.0 Rc19
Openvpn Openvpn 2.2.1
Openvpn Openvpn 2.0.4
Openvpn Openvpn 2.0 Rc21
Openvpn Openvpn 2.3.4
1 Article
NA
CVE-2006-2229
OpenVPN 2.0.7 and previous versions, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote malicious users to view sensitive information or cause a denial o...
Openvpn Openvpn 2.0 Beta13
Openvpn Openvpn 2.0 Rc9
Openvpn Openvpn 2.0 Test19
Openvpn Openvpn 2.0
Openvpn Openvpn 2.0 Test17
Openvpn Openvpn 2.0 Test10
Openvpn Openvpn 2.0 Test23
Openvpn Openvpn 2.0 Beta20
Openvpn Openvpn 2.0.1 Rc3
Openvpn Openvpn 2.0 Beta19
Openvpn Openvpn 2.0 Rc19
Openvpn Openvpn 2.0 Beta1
Openvpn Openvpn 2.0.4
Openvpn Openvpn 2.0 Rc21
Openvpn Openvpn 2.0 Beta9
Openvpn Openvpn 2.0.1 Rc4
Openvpn Openvpn 2.0.1 Rc2
Openvpn Openvpn 2.0 Test26
Openvpn Openvpn 2.0 Rc2
Openvpn Openvpn 2.0 Test1
Openvpn Openvpn 2.0 Beta16
Openvpn Openvpn 2.0 Beta10
NA
CVE-2006-1629
OpenVPN 2.0 up to and including 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable.
Openvpn Openvpn 2.0
Openvpn Openvpn 2.0.4
Openvpn Openvpn Access Server 2.0.1
Openvpn Openvpn Access Server 2.0.2
Openvpn Openvpn Access Server 2.0.3
Openvpn Openvpn Access Server 2.0.5
NA
CVE-2005-3409
OpenVPN 2.x prior to 2.0.4, when running in TCP mode, allows remote malicious users to cause a denial of service (segmentation fault) by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler.
Openvpn Openvpn 2.0 Beta13
Openvpn Openvpn 2.0 Rc9
Openvpn Openvpn 2.0 Test19
Openvpn Openvpn 2.0
Openvpn Openvpn 2.0 Test17
Openvpn Openvpn 2.0 Test10
Openvpn Openvpn 2.0 Test23
Openvpn Openvpn 2.0 Beta20
Openvpn Openvpn 2.0.1 Rc3
Openvpn Openvpn 2.0 Beta19
Openvpn Openvpn 2.0 Rc19
Openvpn Openvpn 2.0 Beta1
Openvpn Openvpn 2.0 Rc21
Openvpn Openvpn 2.0 Beta9
Openvpn Openvpn 2.0.1 Rc4
Openvpn Openvpn 2.0.1 Rc2
Openvpn Openvpn 2.0 Test26
Openvpn Openvpn 2.0 Rc2
Openvpn Openvpn 2.0 Test1
Openvpn Openvpn 2.0 Beta16
Openvpn Openvpn 2.0 Beta10
Openvpn Openvpn 2.0 Rc20
NA
CVE-2005-3393
Format string vulnerability in the foreign_option function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option.
Openvpn Openvpn 2.0
Openvpn Openvpn 2.0 Beta11
Openvpn Openvpn Access Server 2.0.1
Openvpn Openvpn Access Server 2.0.2
NA
CVE-2005-2533
OpenVPN prior to 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses.
Openvpn Openvpn 2.0 Beta13
Openvpn Openvpn 2.0 Rc9
Openvpn Openvpn 2.0 Test19
Openvpn Openvpn 2.0
Openvpn Openvpn 2.0 Test17
Openvpn Openvpn 2.0 Test10
Openvpn Openvpn 2.0 Test23
Openvpn Openvpn 2.0 Beta20
Openvpn Openvpn 2.0.1 Rc3
Openvpn Openvpn 2.0 Beta19
Openvpn Openvpn 2.0 Rc19
Openvpn Openvpn 2.0 Beta1
Openvpn Openvpn 2.0 Rc21
Openvpn Openvpn 2.0 Beta9
Openvpn Openvpn 2.0.1 Rc4
Openvpn Openvpn 2.0.1 Rc2
Openvpn Openvpn 2.0 Test26
Openvpn Openvpn 2.0 Rc2
Openvpn Openvpn 2.0 Test1
Openvpn Openvpn 2.0 Beta16
Openvpn Openvpn 2.0 Beta10
Openvpn Openvpn 2.0 Rc20
NA
CVE-2005-2531
OpenVPN prior to 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote ...
Openvpn Openvpn 2.0 Beta13
Openvpn Openvpn 2.0 Rc9
Openvpn Openvpn 2.0 Test19
Openvpn Openvpn 2.0
Openvpn Openvpn 2.0 Test17
Openvpn Openvpn 2.0 Test10
Openvpn Openvpn 2.0 Test23
Openvpn Openvpn 2.0 Beta20
Openvpn Openvpn 2.0.1 Rc3
Openvpn Openvpn 2.0 Beta19
Openvpn Openvpn 2.0 Rc19
Openvpn Openvpn 2.0 Beta1
Openvpn Openvpn 2.0 Rc21
Openvpn Openvpn 2.0 Beta9
Openvpn Openvpn 2.0.1 Rc4
Openvpn Openvpn 2.0.1 Rc2
Openvpn Openvpn 2.0 Test26
Openvpn Openvpn 2.0 Rc2
Openvpn Openvpn 2.0 Test1
Openvpn Openvpn 2.0 Beta16
Openvpn Openvpn 2.0 Beta10
Openvpn Openvpn 2.0 Rc20
NA
CVE-2005-2532
OpenVPN prior to 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated malicious users to cause a denial of service (client disconnection) via a large number of packets that can not be decrypted.
Openvpn Openvpn 2.0 Beta13
Openvpn Openvpn 2.0 Rc9
Openvpn Openvpn 2.0 Test19
Openvpn Openvpn 2.0
Openvpn Openvpn 2.0 Test17
Openvpn Openvpn 2.0 Test10
Openvpn Openvpn 2.0 Test23
Openvpn Openvpn 2.0 Beta20
Openvpn Openvpn 2.0.1 Rc3
Openvpn Openvpn 2.0 Beta19
Openvpn Openvpn 2.0 Rc19
Openvpn Openvpn 2.0 Beta1
Openvpn Openvpn 2.0 Rc21
Openvpn Openvpn 2.0 Beta9
Openvpn Openvpn 2.0.1 Rc4
Openvpn Openvpn 2.0.1 Rc2
Openvpn Openvpn 2.0 Test26
Openvpn Openvpn 2.0 Rc2
Openvpn Openvpn 2.0 Test1
Openvpn Openvpn 2.0 Beta16
Openvpn Openvpn 2.0 Beta10
Openvpn Openvpn 2.0 Rc20
NA
CVE-2005-2534
Race condition in OpenVPN prior to 2.0.1, when --duplicate-cn is not enabled, allows remote malicious users to cause a denial of service (server crash) via simultaneous TCP connections from multiple clients that use the same client certificate.
Openvpn Openvpn 2.0 Beta13
Openvpn Openvpn 2.0 Rc9
Openvpn Openvpn 2.0 Test19
Openvpn Openvpn 2.0
Openvpn Openvpn 2.0 Test17
Openvpn Openvpn 2.0 Test10
Openvpn Openvpn 2.0 Test23
Openvpn Openvpn 2.0 Beta20
Openvpn Openvpn 2.0.1 Rc3
Openvpn Openvpn 2.0 Beta19
Openvpn Openvpn 2.0 Rc19
Openvpn Openvpn 2.0 Beta1
Openvpn Openvpn 2.0 Rc21
Openvpn Openvpn 2.0 Beta9
Openvpn Openvpn 2.0.1 Rc4
Openvpn Openvpn 2.0.1 Rc2
Openvpn Openvpn 2.0 Test26
Openvpn Openvpn 2.0 Rc2
Openvpn Openvpn 2.0 Test1
Openvpn Openvpn 2.0 Beta16
Openvpn Openvpn 2.0 Beta10
Openvpn Openvpn 2.0 Rc20
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started