CVE-2017-12166

Опубликовано: 04 окт. 2017

Источник: ubuntu

Приоритет: low

CVSS2: 6.8

CVSS3: 9.8

Описание

OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	2.4.4-2ubuntu1
cosmic	ignored	end of life
devel	not-affected	2.4.7-1ubuntu2
disco	ignored	end of life
eoan	not-affected	2.4.7-1ubuntu2
esm-infra-legacy/trusty	released	2.3.2-7ubuntu3.2+esm2
esm-infra/bionic	not-affected	2.4.4-2ubuntu1
esm-infra/focal	not-affected	2.4.7-1ubuntu2
esm-infra/xenial	released	2.3.10-1ubuntu2.2+esm2

Показывать по

Ссылки на источники

6.8 Medium

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2017-12166

CVSS3: 9.8

nvd

больше 7 лет назад

OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.

CVE-2017-12166

CVSS3: 9.8

debian

больше 7 лет назад

OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to ...

openSUSE-SU-2017:2892-1

suse-cvrf

больше 7 лет назад

Security update for openvpn

SUSE-SU-2017:3177-1

suse-cvrf

больше 7 лет назад

Security update for openvpn-openssl1

SUSE-SU-2017:2839-1

suse-cvrf

больше 7 лет назад

Security update for openvpn

6.8 Medium

CVSS2

9.8 Critical

CVSS3

CVE-2017-12166

Описание

Пакет openvpn

Ссылки на источники

Связанные уязвимости