CVE-2006-1629
Published Apr 6, 2006
Last updated 5 years ago
Overview
- Description
- OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- -
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6457C946-123B-4B85-9253-D284A7A16A61"
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn:2.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8DF6B1F4-6313-4BF4-AD87-431A1C9D40C8"
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn_access_server:2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B42CB75B-355B-4D80-91EA-77723B275D0C"
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn_access_server:2.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E5EFEC7-D9B6-454A-A36A-C75874564FCF"
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn_access_server:2.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21846206-4CF3-426F-9BE7-93471987BC06"
},
{
"criteria": "cpe:2.3:a:openvpn:openvpn_access_server:2.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4ED93D78-3BA8-43DB-B5AF-D2D3941C9DAD"
}
],
"operator": "OR"
}
]
}
]