OpenVPN 2.0 up to and including 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openvpn openvpn 2.0 |
||
openvpn openvpn access server 2.0.3 |
||
openvpn openvpn 2.0.4 |
||
openvpn openvpn access server 2.0.5 |
||
openvpn openvpn access server 2.0.1 |
||
openvpn openvpn access server 2.0.2 |