CVE-2005-3393

Published: 01/11/2005 Updated: 12/05/2020

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Format string vulnerability in the foreign_option function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openvpn openvpn 2.0
openvpn openvpn 2.0 beta11
openvpn openvpn access server 2.0.1
openvpn openvpn access server 2.0.2

Debian Bug report logs - #336751 openvpn: Format string vulnerability in config parsing code Package: openvpn; Maintainer for openvpn is Bernhard Schmidt <berni@debianorg>; Source for openvpn is src:openvpn (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Tue, 1 Nov 2005 09:18:02 UTC Se ...

Debian Bug report logs - #337334 CVE-2005-3409: DoS through null pointer deference in exception handling Package: openvpn; Maintainer for openvpn is Bernhard Schmidt <berni@debianorg>; Source for openvpn is src:openvpn (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Thu, 3 Nov 2005 23:3 ...

Several vulnerabilities have been discovered in OpenVPN, a free virtual private network daemon The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-3393 A format string vulnerability has been discovered that could allow arbitrary code to be executed on the client CVE-2005-3409 A NULL pointer de ...

NVD-CWE-Other http://www.securityfocus.com/bid/15239 http://openvpn.net/changelog.html http://secunia.com/advisories/17376 http://www.debian.org/security/2005/dsa-885 http://www.gentoo.org/security/en/glsa/glsa-200511-07.xml http://secunia.com/advisories/17447 http://secunia.com/advisories/17452 http://www.novell.com/linux/security/advisories/2005_25_sr.html http://secunia.com/advisories/17480 http://www.vupen.com/english/advisories/2005/2255 http://marc.info/?l=bugtraq&m=113081023121059&w=2 http://www.securityfocus.com/archive/1/415487 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=336751 https://www.debian.org/security/./dsa-885

CVE-2005-3393

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect