OpenVPN 'openvpn_decrypt()' Function Information Disclosure Vulnerability

Bugtraq ID: 59672
Class: Design Error
CVE: CVE-2013-2061
Remote: Yes
Local: No
Published: May 06 2013 12:00AM
Updated: Nov 21 2013 12:06AM
Credit: The vendor reported this issue.
Vulnerable: Red Hat Fedora 17
OpenVPN OpenVPN 2.0.9
OpenVPN OpenVPN 2.0.8
OpenVPN OpenVPN 2.0.7
OpenVPN OpenVPN 2.0.6
OpenVPN OpenVPN 2.0.5
OpenVPN OpenVPN 2.0.4
OpenVPN OpenVPN 2.0.3
OpenVPN OpenVPN 2.0.2
OpenVPN OpenVPN 2.0.1
OpenVPN OpenVPN 2.0 beta11
OpenVPN OpenVPN 2.0
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
OpenVPN OpenVPN 2.1-rc9
OpenVPN OpenVPN 2.1-rc8
OpenVPN OpenVPN 2.1-rc21
OpenVPN OpenVPN 2.1-beta14
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Gentoo Linux
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus