|
|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200511-07] OpenVPN: Multiple vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
OpenVPN: Multiple vulnerabilities
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200511-07
(OpenVPN: Multiple vulnerabilities)
The OpenVPN client contains a format string bug in the handling of
the foreign_option in options.c. Furthermore, when the OpenVPN server
runs in TCP mode, it may dereference a NULL pointer under specific
error conditions.
Impact
A remote attacker could setup a malicious OpenVPN server and trick
the user into connecting to it, potentially executing arbitrary code on
the client's computer. A remote attacker could also exploit the NULL
dereference issue by sending specific packets to an OpenVPN server
running in TCP mode, resulting in a Denial of Service condition.
Workaround
Do not use "pull" or "client" options in the OpenVPN client
configuration file, and use UDP mode for the OpenVPN server.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3393
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3409
http://openvpn.net/changelog.html
Solution:
All OpenVPN users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/openvpn-2.0.4"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|
