Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-27903

Опубликовано: 08 июл. 2024
Источник: debian

Описание

OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
openvpnnot-affectedpackage

Примечания

  • https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/

Связанные уязвимости

ubuntu логотип

CVE-2024-27903

CVSS3: 9.8
ubuntu
12 месяцев назад

OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service.

nvd логотип

CVE-2024-27903

CVSS3: 9.8
nvd
12 месяцев назад

OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service.

github логотип

GHSA-63q4-8wcf-wg8f

CVSS3: 7.2
github
12 месяцев назад

OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service.

fstec логотип

BDU:2024-05533

CVSS3: 9.8
fstec
около 1 года назад

Уязвимость компонента Plug-in Handler программного обеспечения OpenVPN, позволяющая нарушителю загружать произвольные модули