Published: 04/10/2017 Updated: 12/05/2022

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

OpenVPN versions prior to 2.3.3 and 2.4.x prior to 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openvpn openvpn
debian debian linux 9.0

Debian Bug report logs - #877089 openvpn: CVE-2017-12166 Package: src:openvpn; Maintainer for src:openvpn is Bernhard Schmidt <berni@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 28 Sep 2017 15:09:01 UTC Severity: important Tags: fixed-upstream, patch, security, upstream Found in vers ...

OpenVPN versions before 233 and 24x before 244 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution (CVE-2017-12166) ...

The bounds check in the read_key() function in OpenVPN before 244 and 2318 was performed after using the value, instead of before If 'key-method 1' is used, this allowed an attacker to send a malformed packet to trigger a stack buffer overflow Note that 'key-method 1' has been replaced by 'key method 2' as the default in OpenVPN 20 (release ...

CWE-787 https://community.openvpn.net/openvpn/wiki/CVE-2017-12166 http://www.securitytracker.com/id/1039470 http://www.securityfocus.com/bid/101153 https://lists.debian.org/debian-lts-announce/2022/05/msg00002.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877089 https://nvd.nist.gov https://alas.aws.amazon.com/ALAS-2017-920.html

CVE-2017-12166

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect