Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2005-3393

Format string vulnerability in the foreign_option function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option.

Related bugs and status

CVE-2005-3393 (Candidate) is related to these bugs:

Bug #3843: Security issues for openvpn

Summary				In	Importance	Status
	3843	Security issues for openvpn		openvpn (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

BID: 15239
CONFIRM: http://openvpn.net/cha...
SECUNIA: 17376
DEBIAN: DSA-885
GENTOO: GLSA-200511-07
SECUNIA: 17447
SECUNIA: 17452
SUSE: SUSE-SR:2005:025
SECUNIA: 17480
VUPEN: ADV-2005-2255
BUGTRAQ: 20051031 OpenVPN[v2.0....
OPENPKG: OpenPKG-SA-2005.023