Lucene search

MitreCVE-2006-2229

HistoryMay 05, 2006 - 7:02 p.m.

CVE-2006-2229

2006-05-0519:02:00

mitre

web.nvd.nist.gov

openvpn

2.0.7

cve-2006-2229

cleartext password

vulnerability

ip configuration

management interface

denial of service

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:N/A:P

AI Score

6.8

Confidence

High

EPSS

0.016

Percentile

87.4%

JSON

OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service.

Affected configurations

Nvd

Node

openvpnopenvpnMatch2.0

openvpnopenvpnMatch2.0.1_rc1

openvpnopenvpnMatch2.0.1_rc2

openvpnopenvpnMatch2.0.1_rc3

openvpnopenvpnMatch2.0.1_rc4

openvpnopenvpnMatch2.0.1_rc5

openvpnopenvpnMatch2.0.1_rc6

openvpnopenvpnMatch2.0.1_rc7

openvpnopenvpnMatch2.0.2_rc1

openvpnopenvpnMatch2.0.3_rc1

openvpnopenvpnMatch2.0.4

openvpnopenvpnMatch2.0.6_rc1

openvpnopenvpnMatch2.0_beta1

openvpnopenvpnMatch2.0_beta2

openvpnopenvpnMatch2.0_beta3

openvpnopenvpnMatch2.0_beta4

openvpnopenvpnMatch2.0_beta5

openvpnopenvpnMatch2.0_beta6

openvpnopenvpnMatch2.0_beta7

openvpnopenvpnMatch2.0_beta8

openvpnopenvpnMatch2.0_beta9

openvpnopenvpnMatch2.0_beta10

openvpnopenvpnMatch2.0_beta11

openvpnopenvpnMatch2.0_beta12

openvpnopenvpnMatch2.0_beta13

openvpnopenvpnMatch2.0_beta15

openvpnopenvpnMatch2.0_beta16

openvpnopenvpnMatch2.0_beta17

openvpnopenvpnMatch2.0_beta18

openvpnopenvpnMatch2.0_beta19

openvpnopenvpnMatch2.0_beta20

openvpnopenvpnMatch2.0_beta28

openvpnopenvpnMatch2.0_rc1

openvpnopenvpnMatch2.0_rc2

openvpnopenvpnMatch2.0_rc3

openvpnopenvpnMatch2.0_rc4

openvpnopenvpnMatch2.0_rc5

openvpnopenvpnMatch2.0_rc6

openvpnopenvpnMatch2.0_rc7

openvpnopenvpnMatch2.0_rc8

openvpnopenvpnMatch2.0_rc9

openvpnopenvpnMatch2.0_rc10

openvpnopenvpnMatch2.0_rc11

openvpnopenvpnMatch2.0_rc12

openvpnopenvpnMatch2.0_rc13

openvpnopenvpnMatch2.0_rc14

openvpnopenvpnMatch2.0_rc15

openvpnopenvpnMatch2.0_rc16

openvpnopenvpnMatch2.0_rc17

openvpnopenvpnMatch2.0_rc18

openvpnopenvpnMatch2.0_rc19

openvpnopenvpnMatch2.0_rc20

openvpnopenvpnMatch2.0_rc21

openvpnopenvpnMatch2.0_test1

openvpnopenvpnMatch2.0_test2

openvpnopenvpnMatch2.0_test3

openvpnopenvpnMatch2.0_test4

openvpnopenvpnMatch2.0_test5

openvpnopenvpnMatch2.0_test6

openvpnopenvpnMatch2.0_test7

openvpnopenvpnMatch2.0_test8

openvpnopenvpnMatch2.0_test9

openvpnopenvpnMatch2.0_test10

openvpnopenvpnMatch2.0_test11

openvpnopenvpnMatch2.0_test12

openvpnopenvpnMatch2.0_test14

openvpnopenvpnMatch2.0_test15

openvpnopenvpnMatch2.0_test16

openvpnopenvpnMatch2.0_test17

openvpnopenvpnMatch2.0_test18

openvpnopenvpnMatch2.0_test19

openvpnopenvpnMatch2.0_test20

openvpnopenvpnMatch2.0_test21

openvpnopenvpnMatch2.0_test22

openvpnopenvpnMatch2.0_test23

openvpnopenvpnMatch2.0_test24

openvpnopenvpnMatch2.0_test25

openvpnopenvpnMatch2.0_test26

openvpnopenvpnMatch2.0_test27

openvpnopenvpnMatch2.0_test29

openvpnopenvpn_access_serverMatch2.0.1

openvpnopenvpn_access_serverMatch2.0.2

openvpnopenvpn_access_serverMatch2.0.5

openvpnopenvpn_access_serverMatch2.0.6

openvpnopenvpn_access_serverMatch2.0.7

VendorProductVersionCPE
openvpnopenvpn2.0cpe:2.3:a:openvpn:openvpn:2.0:*:*:*:*:*:*:*
openvpnopenvpn2.0.1_rc1cpe:2.3:a:openvpn:openvpn:2.0.1_rc1:*:*:*:*:*:*:*
openvpnopenvpn2.0.1_rc2cpe:2.3:a:openvpn:openvpn:2.0.1_rc2:*:*:*:*:*:*:*
openvpnopenvpn2.0.1_rc3cpe:2.3:a:openvpn:openvpn:2.0.1_rc3:*:*:*:*:*:*:*
openvpnopenvpn2.0.1_rc4cpe:2.3:a:openvpn:openvpn:2.0.1_rc4:*:*:*:*:*:*:*
openvpnopenvpn2.0.1_rc5cpe:2.3:a:openvpn:openvpn:2.0.1_rc5:*:*:*:*:*:*:*
openvpnopenvpn2.0.1_rc6cpe:2.3:a:openvpn:openvpn:2.0.1_rc6:*:*:*:*:*:*:*
openvpnopenvpn2.0.1_rc7cpe:2.3:a:openvpn:openvpn:2.0.1_rc7:*:*:*:*:*:*:*
openvpnopenvpn2.0.2_rc1cpe:2.3:a:openvpn:openvpn:2.0.2_rc1:*:*:*:*:*:*:*
openvpnopenvpn2.0.3_rc1cpe:2.3:a:openvpn:openvpn:2.0.3_rc1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
openvpn	openvpn	2.0	cpe:2.3:a:openvpn:openvpn:2.0:::::::*
openvpn	openvpn	2.0.1_rc1	cpe:2.3:a:openvpn:openvpn:2.0.1_rc1:::::::*
openvpn	openvpn	2.0.1_rc2	cpe:2.3:a:openvpn:openvpn:2.0.1_rc2:::::::*
openvpn	openvpn	2.0.1_rc3	cpe:2.3:a:openvpn:openvpn:2.0.1_rc3:::::::*
openvpn	openvpn	2.0.1_rc4	cpe:2.3:a:openvpn:openvpn:2.0.1_rc4:::::::*
openvpn	openvpn	2.0.1_rc5	cpe:2.3:a:openvpn:openvpn:2.0.1_rc5:::::::*
openvpn	openvpn	2.0.1_rc6	cpe:2.3:a:openvpn:openvpn:2.0.1_rc6:::::::*
openvpn	openvpn	2.0.1_rc7	cpe:2.3:a:openvpn:openvpn:2.0.1_rc7:::::::*
openvpn	openvpn	2.0.2_rc1	cpe:2.3:a:openvpn:openvpn:2.0.2_rc1:::::::*
openvpn	openvpn	2.0.3_rc1	cpe:2.3:a:openvpn:openvpn:2.0.3_rc1:::::::*

Rows per page:

1-10 of 851

References

openvpn.net/man.html

www.osvdb.org/25660

www.securityfocus.com/archive/1/432863/100/0/threaded

www.securityfocus.com/archive/1/432867/100/0/threaded

www.securityfocus.com/archive/1/433000/100/0/threaded

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:N/A:P

AI Score

6.8

Confidence

High

EPSS

0.016

Percentile

87.4%

JSON

Related for CVE-2006-2229