CVE-2006-1629 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-1629
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-1629

Description: OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/25667 SUSE http://www.novell.com/linux/security/advisories/2006_04_28.html SAID Secunia Advisory: SA19897 Secunia Advisory: SA19837 Secunia Advisory: SA19531 Secunia Advisory: SA19598 OSVDB 24444 MISC http://www.osreviews.net/reviews/security/openvpn-print MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:069 DEBIAN http://www.debian.org/security/2006/dsa-1045 CONFIRM http://sourceforge.net/mailarchive/forum.php?thread_id=10093825&forum_id=8482 http://openvpn.net/changelog.html BID 17392

Return to the previous page.