Approved changes feed: RSS · Atom
cpe:2.3:a:openvpn:openvpn:2.0_beta17:*:*:*:*:*:*:*
part: a version: 2.0_beta17 update: *
| Vendor | Openvpn (69250643-f594-58ab-9395-086994cbe5f3) |
|---|---|
| Product | Openvpn (cff78dd9-2909-5405-93d7-f62ace8a52df) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/openvpn |
purl2cpe | 2026-06-01 10:12:10.835443 |
pkg:deb/ubuntu/openvpn |
purl2cpe | 2026-06-01 10:12:10.835445 |
pkg:github/openvpn/openvpn |
purl2cpe | 2026-06-01 10:12:10.835446 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2006-2229 |
vulnerable | 2026-06-03 14:27:31.335494 |
Details available
OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service.
Published: 2006-05-05T19:00:00.000Z
Updated: 2024-08-07T17:43:28.654Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-3409 |
vulnerable | 2026-06-03 14:27:09.841069 |
Details available
OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service (segmentation fault) by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler.
Published: 2005-11-02T00:00:00.000Z
Updated: 2024-08-07T23:10:08.881Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-2534 |
vulnerable | 2026-06-03 14:27:02.312256 |
Details available
Race condition in OpenVPN before 2.0.1, when --duplicate-cn is not enabled, allows remote attackers to cause a denial of service (server crash) via simultaneous TCP connections from multiple clients that use the same client certificate.
Published: 2005-08-24T04:00:00.000Z
Updated: 2024-08-07T22:30:01.604Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-2533 |
vulnerable | 2026-06-03 14:27:02.310450 |
Details available
OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses.
Published: 2005-08-24T04:00:00.000Z
Updated: 2024-08-07T22:30:01.165Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-2532 |
vulnerable | 2026-06-03 14:27:02.308450 |
Details available
OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service (client disconnection) via a large number of packets that can not be decrypted.
Published: 2005-08-24T04:00:00.000Z
Updated: 2024-08-07T22:30:01.155Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-2531 |
vulnerable | 2026-06-03 14:27:02.282712 |
Details available
OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial of service (client disconnection) via a large number of failed authentication attempts.
Published: 2005-08-24T04:00:00.000Z
Updated: 2024-08-07T22:30:01.294Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.