OpenVPN taken to task after audit ignores remote code execution flaws


July 1st, 2017

Serious security bugs have been exposed, some of which can lead to remote code execution.

A researcher has revealed four dangerous bugs, among others, in OpenVPN which two recent audits of the virtual private network’s code failed to find.

The first vulnerability, CVE-2017-7521, is a set of issues found in extract_x509_extension, through which attackers can cause a remote server crash and memory leaks.

If the user has utilized the x509-username-field configuration, a storage issue results in crashes, loops can be caused by a failure to check strings and return values properly, and a naming issue causes memory leak problems.

The second vulnerability, CVE-2017-7520, only affects users who use OpenVPN to connect to a Windows NTLM version 2 proxy.

A man-in-the-middle (MiTM) attack is possible, resulting in data leaks and potential surveillance — and as user passwords are stored in cleartext, this may also compromise the user further.

Finally, another bug, with no CVE assignment, can cause stack buffer overflow corruption if a long --tls-cipher option is used.
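Each of the three issues above depends on a specific configuration choice, so a configuration file can be checked for them. The following Python check is an added example, not code from OpenVPN or the researcher; the sample configs, host names and the tls-cipher length threshold are constructed assumptions, and only an explicit ntlm2 proxy auth method is matched.

```python
import shlex

# Assumption: the article does not say how long "long" is; this review
# threshold is illustrative only.
TLS_CIPHER_REVIEW_LEN = 256

def parse_directives(text):
    """Yield (name, args) per directive; skip blanks and '#' or ';' comments."""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        try:
            parts = shlex.split(line, comments=True)
        except ValueError:          # unbalanced quote: fall back to whitespace
            parts = line.split()
        if parts:
            # Accept both config-file ("tls-cipher") and CLI ("--tls-cipher") forms.
            yield parts[0].lstrip("-").lower(), parts[1:]

def audit(text):
    """Return (issue, reason) pairs for the three conditions in the article."""
    findings = []
    for name, args in parse_directives(text):
        if name == "x509-username-field":
            findings.append(("CVE-2017-7521", "x509-username-field is set"))
        elif name == "http-proxy" and args and args[-1].lower() == "ntlm2":
            findings.append(("CVE-2017-7520", "http-proxy uses NTLMv2 auth"))
        elif name == "tls-cipher" and args and len(args[0]) > TLS_CIPHER_REVIEW_LEN:
            findings.append(("no CVE", "tls-cipher is %d chars long" % len(args[0])))
    return findings

# Constructed sample configs (hypothetical hosts, not from a real deployment).
SERVER_SAMPLE = "port 1194\nproto udp\nx509-username-field CN\n"
CLIENT_SAMPLE = (
    "remote vpn.example.net 1194\n"
    "http-proxy proxy.example.net 3128 auto ntlm2  # explicit NTLMv2\n"
    "tls-cipher " + ":".join(["TLS-DHE-RSA-WITH-AES-256-CBC-SHA"] * 10) + "\n"
)
CLEAN_SAMPLE = "remote vpn.example.net 1194\n; http-proxy old.example.net 3128 auto ntlm2\n"

if __name__ == "__main__":
    for label, cfg in (("server", SERVER_SAMPLE), ("client", CLIENT_SAMPLE)):
        for issue, reason in audit(cfg):
            print("%s: %s (%s)" % (label, issue, reason))
```

A finding means the configuration matches a condition the article describes, not that the installed build is vulnerable.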

Nisheeth Bhakuni