CVE-2020-15078

Related Files

Gentoo Linux Security Advisory 202105-25

Posted May 26, 2021

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202105-25 - A vulnerability has been found in OpenVPN, allowing attackers to bypass the authentication process. Versions less than 2.5.2 are affected.

tags | advisory

systems | linux, gentoo

advisories | CVE-2020-15078

SHA-256 | 7dce0defbeb91a22548fbd1d5a4ff17df96dd9df37a7bed44db6d6c1b3f5593d

Download | Favorite | View

Ubuntu Security Notice USN-4933-1

Posted May 4, 2021

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4933-1 - It was discovered that OpenVPN incorrectly handled certain data channel v2 packets. A remote attacker could possibly use this issue to inject packets using a victim's peer-id. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that OpenVPN incorrectly handled deferred authentication. When a server is configured to use deferred authentication, a remote attacker could possibly use this issue to bypass authentication and access control channel data. Various other issues were also addressed.

tags | advisory, remote

systems | linux, ubuntu

advisories | CVE-2020-11810, CVE-2020-15078

SHA-256 | 2825529c6f1bdef2f73c5ea9bd787acc906039796b1d72be689bb5b5d0bb35b0

Download | Favorite | View