The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-a9bd17092d advisory.

    This is a maintenance release of OpenVPN 2.5 with a security fix when used in server mode     ([CVE-2022-0547](https://community.openvpn.net/openvpn/wiki/CVE-2022-0547)). The other changes are     available in [Changes.rst](https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst).

    **NOTE** Please read the CVE description carefully if you use authentication plug-ins with a server     configuration.

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6850-1 advisory.

    It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication     plugins. A remote attacker could possibly use this issue to bypass authentication using incomplete     credentials.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5347-1 advisory.

    It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication     plugins. A remote attacker could possibly use this issue to bypass authentication using incomplete     credentials.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 45a72180-a640-11ec-a08b-85298243e224 advisory.

  - OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins     when more than one of them makes use of deferred authentication replies, which allows an external user to     be granted access with only partially correct credentials. (CVE-2022-0547)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1024-1 advisory.

  - OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins     when more than one of them makes use of deferred authentication replies, which allows an external user to     be granted access with only partially correct credentials. (CVE-2022-0547)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:14937-1 advisory.

  - OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins     when more than one of them makes use of deferred authentication replies, which allows an external user to     be granted access with only partially correct credentials. (CVE-2022-0547)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host is affected by the vulnerability described in GLSA-202409-08 (OpenVPN: Multiple Vulnerabilities)

    Multiple vulnerabilities have been discovered in OpenVPN. Please review the CVE identifiers referenced     below for details.

Tenable has extracted the preceding description block directly from the Gentoo Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1934-1 advisory.

  - OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins     when more than one of them makes use of deferred authentication replies, which allows an external user to     be granted access with only partially correct credentials. (CVE-2022-0547)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1029-1 advisory.

  - OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins     when more than one of them makes use of deferred authentication replies, which allows an external user to     be granted access with only partially correct credentials. (CVE-2022-0547)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2992 advisory.

  - OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability     when key-method 1 is used, possibly resulting in code execution. (CVE-2017-12166)

  - An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2     (P_DATA_V2) packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives     before the data channel crypto parameters have been initialized, the victim's connection will be dropped.
    This requires careful timing due to the small time window (usually within a few seconds) between the     victim client connection starting and the server PUSH_REPLY response back to the client. This attack will     only work if Negotiable Cipher Parameters (NCP) is in use. (CVE-2020-11810)

  - OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control     channel data on servers configured with deferred authentication, which can be used to potentially trigger     further information leaks. (CVE-2020-15078)

  - OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins     when more than one of them makes use of deferred authentication replies, which allows an external user to     be granted access with only partially correct credentials. (CVE-2022-0547)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of openvpn installed on the remote host is prior to 2.4.12-1.43. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1719 advisory.

  - OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins     when more than one of them makes use of deferred authentication replies, which allows an external user to     be granted access with only partially correct credentials. (CVE-2022-0547)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:1029-1 advisory.

  - OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins     when more than one of them makes use of deferred authentication replies, which allows an external user to     be granted access with only partially correct credentials. (CVE-2022-0547)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Published	Updated	Severity
159010	Fedora 35 : openvpn (2022-a9bd17092d)	Nessus	Fedora Local Security Checks	3/17/2022	11/14/2024	critical
201019	Ubuntu 14.04 LTS / 16.04 LTS : OpenVPN vulnerability (USN-6850-1)	Nessus	Ubuntu Local Security Checks	6/26/2024	8/27/2024	critical
159204	Ubuntu 18.04 LTS / 20.04 LTS : OpenVPN vulnerability (USN-5347-1)	Nessus	Ubuntu Local Security Checks	3/24/2022	8/27/2024	critical
159035	FreeBSD : openvpn -- Potential authentication by-pass with multiple deferred authentication plug-ins (45a72180-a640-11ec-a08b-85298243e224)	Nessus	FreeBSD Local Security Checks	3/17/2022	11/6/2023	critical
159345	SUSE SLES12 Security Update : openvpn (SUSE-SU-2022:1024-1)	Nessus	SuSE Local Security Checks	3/30/2022	7/14/2023	critical
159566	SUSE SLES11 Security Update : openvpn-openssl1 (SUSE-SU-2022:14937-1)	Nessus	SuSE Local Security Checks	4/7/2022	7/13/2023	critical
207570	GLSA-202409-08 : OpenVPN: Multiple Vulnerabilities	Nessus	Gentoo Local Security Checks	9/22/2024	9/22/2024	critical
161834	SUSE SLED15 / SLES15 Security Update : openvpn (SUSE-SU-2022:1934-1)	Nessus	SuSE Local Security Checks	6/4/2022	7/14/2023	critical
159335	SUSE SLED15 / SLES15 Security Update : openvpn (SUSE-SU-2022:1029-1)	Nessus	SuSE Local Security Checks	3/30/2022	7/14/2023	critical
160475	Debian DLA-2992-1 : openvpn - LTS security update	Nessus	Debian Local Security Checks	5/3/2022	10/4/2024	critical
173935	Amazon Linux AMI : openvpn (ALAS-2023-1719)	Nessus	Amazon Linux Local Security Checks	4/6/2023	4/6/2023	critical
159325	openSUSE 15 Security Update : openvpn (openSUSE-SU-2022:1029-1)	Nessus	SuSE Local Security Checks	3/30/2022	3/30/2022	critical

Detections

Analytics

Plugins Search

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical