Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3459

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2008-3459
Last Modified 12 Apr 2011 12:00:00
Published 04 Aug 2008 03:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2008-3459

Summary

Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted (1) lladdr and (2) iproute configuration directives, probably related to shell metacharacters.

Vulnerable Systems

Application

  • Openvpn 2.1


References

XF - openvpn-lladdr-iproute-code-execution(44209)

VUPEN - ADV-2008-2316

SECTRACK - 1020626

BID - 30532

CONFIRM - http://openvpn.net/index.php/documentation/change-log/changelog-21.html


Last Updated: 27 May 2016 10:48:12