OpenVPN Client Remote Code Execution Vulnerability

Bugtraq ID: 17392
Class: Input Validation Error
CVE: CVE-2006-1629
Remote: Yes
Local: No
Published: Apr 06 2006 12:00AM
Updated: Dec 05 2006 08:14PM
Credit: Discovery is credited to Hendrik Weimer.
Vulnerable: S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
OpenVPN OpenVPN 2.0.5
OpenVPN OpenVPN 2.0.4
OpenVPN OpenVPN 2.0.3
OpenVPN OpenVPN 2.0.2
OpenVPN OpenVPN 2.0.1
OpenVPN OpenVPN 2.0
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
MandrakeSoft Multi Network Firewall 2.0
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Not Vulnerable: OpenVPN OpenVPN 2.0.6


 

Privacy Statement
Copyright 2010, SecurityFocus