[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-devel] OpenVPN 2.1-beta12 released

  • Subject: Re: [Openvpn-devel] OpenVPN 2.1-beta12 released
  • From: James Yonan <jim@xxxxxxxxx>
  • Date: Wed, 05 Apr 2006 12:54:36 -0600
James Yonan wrote: 
2006.04.05 -- Version 2.1-beta12

* Security Vulnerability -- An OpenVPN client connecting to a
malicious or compromised server could potentially receive
"setenv" configuration directives from the server which could
cause arbitrary code execution on the client via a LD_PRELOAD
attack... 
This vulnerability has been assigned the name CVE-2006-1629.

James


Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-04/msg00097.html on line 177

Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-04/msg00097.html on line 177