Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and previous versions allows a man-in-the-middle attack to disable the encryption of VPN packets.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tinc-vpn tinc |
||
debian debian linux 9.0 |
||
starwindsoftware starwind virtual san v8 |