Published: 01/11/2005 Updated: 12/05/2020

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Format string vulnerability in the foreign_option function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openvpn openvpn access server 2.0.1
openvpn openvpn access server 2.0.2
openvpn openvpn 2.0
openvpn openvpn 2.0_beta11

Debian Bug report logs - #336751 openvpn: Format string vulnerability in config parsing code Package: openvpn; Maintainer for openvpn is Bernhard Schmidt <berni@debianorg>; Source for openvpn is src:openvpn (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Tue, 1 Nov 2005 09:18:02 UTC Se ...

Debian Bug report logs - #337334 CVE-2005-3409: DoS through null pointer deference in exception handling Package: openvpn; Maintainer for openvpn is Bernhard Schmidt <berni@debianorg>; Source for openvpn is src:openvpn (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Thu, 3 Nov 2005 23:3 ...

Several vulnerabilities have been discovered in OpenVPN, a free virtual private network daemon The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-3393 A format string vulnerability has been discovered that could allow arbitrary code to be executed on the client CVE-2005-3409 A NULL pointer de ...

NVD-CWE-Other http://www.securityfocus.com/bid/15239 http://openvpn.net/changelog.html http://secunia.com/advisories/17376 http://www.debian.org/security/2005/dsa-885 http://www.gentoo.org/security/en/glsa/glsa-200511-07.xml http://secunia.com/advisories/17447 http://secunia.com/advisories/17452 http://www.novell.com/linux/security/advisories/2005_25_sr.html http://secunia.com/advisories/17480 http://www.vupen.com/english/advisories/2005/2255 http://marc.info/?l=bugtraq&m=113081023121059&w=2 http://www.securityfocus.com/archive/1/415487 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=336751 https://www.debian.org/security/./dsa-885

CVE-2005-3393

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect