OpenVPN 'openvpn_decrypt()' Function Information Disclosure Vulnerability

Bugtraq ID: 59672
Class: Design Error
CVE: CVE-2013-2061
Remote: Yes
Local: No
Published: May 06 2013 12:00AM
Updated: Oct 06 2014 12:01AM
Credit: The vendor reported this issue.
Vulnerable: Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Red Hat Fedora 17
OpenVPN OpenVPN 2.0.9
OpenVPN OpenVPN 2.0.8
OpenVPN OpenVPN 2.0.7
OpenVPN OpenVPN 2.0.6
OpenVPN OpenVPN 2.0.5
OpenVPN OpenVPN 2.0.4
OpenVPN OpenVPN 2.0.3
OpenVPN OpenVPN 2.0.2
OpenVPN OpenVPN 2.0.1
OpenVPN OpenVPN 2.0 beta11
OpenVPN OpenVPN 2.0
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
OpenVPN OpenVPN 2.1-rc9
OpenVPN OpenVPN 2.1-rc8
OpenVPN OpenVPN 2.1-rc21
OpenVPN OpenVPN 2.1-beta14
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Gentoo Linux
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus