oss-sec mailing list archives



4 remote vulnerabilities in OpenVPN

An extensive effort to find security vulnerabilities in OpenVPN has resulted in 4 vulnerabilities of such severity that they have been kept under embargo until today. Interestingly, this comes shortly after the results of two source code audits were released, which both failed to detect these problems. The worst vulnerability of the 4 allows a client the drain the server's memory, which, due to a particular technical circumstance, may be exploited to achieve remote code execution. An extensive write-up can be found here: https://guidovranken.wordpress.com/2017/06/21/the-openvpn-post-audit-bug-bonanza/ . A technical explanation for every vulnerability is provided, and I ponder the efficacy of source code audits. Guido

By Date By Thread

Current thread: