Lucene search

RedhatCVE-2013-2061

HistoryNov 18, 2013 - 2:55 a.m.

CVE-2013-2061

2013-11-1802:55:07

CWE-200

redhat

web.nvd.nist.gov

173

cve-2013-2061

openvpn

crypto

udp

timing attack

hmac

padding oracle

cbc mode cipher

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

AI Score

5.8

Confidence

Low

EPSS

0.006

Percentile

77.9%

JSON

The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher.

Affected configurations

Nvd

Node

openvpnopenvpnRange≤2.3.0

openvpnopenvpnMatch1.2.0

openvpnopenvpnMatch1.2.1

openvpnopenvpnMatch1.3.0

openvpnopenvpnMatch1.3.1

openvpnopenvpnMatch1.3.2

openvpnopenvpnMatch1.4.0

openvpnopenvpnMatch1.4.1

openvpnopenvpnMatch1.4.2

openvpnopenvpnMatch1.4.3

openvpnopenvpnMatch1.5.0

openvpnopenvpnMatch1.6.0

openvpnopenvpnMatch2.1.0

openvpnopenvpnMatch2.2.0

openvpnopenvpn_access_serverMatch2.0.0

Node

opensuseopensuseMatch11.4

VendorProductVersionCPE
openvpnopenvpn*cpe:2.3:a:openvpn:openvpn:*:*:*:*:*:*:*:*
openvpnopenvpn1.2.0cpe:2.3:a:openvpn:openvpn:1.2.0:*:*:*:*:*:*:*
openvpnopenvpn1.2.1cpe:2.3:a:openvpn:openvpn:1.2.1:*:*:*:*:*:*:*
openvpnopenvpn1.3.0cpe:2.3:a:openvpn:openvpn:1.3.0:*:*:*:*:*:*:*
openvpnopenvpn1.3.1cpe:2.3:a:openvpn:openvpn:1.3.1:*:*:*:*:*:*:*
openvpnopenvpn1.3.2cpe:2.3:a:openvpn:openvpn:1.3.2:*:*:*:*:*:*:*
openvpnopenvpn1.4.0cpe:2.3:a:openvpn:openvpn:1.4.0:*:*:*:*:*:*:*
openvpnopenvpn1.4.1cpe:2.3:a:openvpn:openvpn:1.4.1:*:*:*:*:*:*:*
openvpnopenvpn1.4.2cpe:2.3:a:openvpn:openvpn:1.4.2:*:*:*:*:*:*:*
openvpnopenvpn1.4.3cpe:2.3:a:openvpn:openvpn:1.4.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
openvpn	openvpn	*	cpe:2.3:a:openvpn:openvpn::::::::
openvpn	openvpn	1.2.0	cpe:2.3:a:openvpn:openvpn:1.2.0:::::::*
openvpn	openvpn	1.2.1	cpe:2.3:a:openvpn:openvpn:1.2.1:::::::*
openvpn	openvpn	1.3.0	cpe:2.3:a:openvpn:openvpn:1.3.0:::::::*
openvpn	openvpn	1.3.1	cpe:2.3:a:openvpn:openvpn:1.3.1:::::::*
openvpn	openvpn	1.3.2	cpe:2.3:a:openvpn:openvpn:1.3.2:::::::*
openvpn	openvpn	1.4.0	cpe:2.3:a:openvpn:openvpn:1.4.0:::::::*
openvpn	openvpn	1.4.1	cpe:2.3:a:openvpn:openvpn:1.4.1:::::::*
openvpn	openvpn	1.4.2	cpe:2.3:a:openvpn:openvpn:1.4.2:::::::*
openvpn	openvpn	1.4.3	cpe:2.3:a:openvpn:openvpn:1.4.3:::::::*