According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is prior to 2.3.1. It is, therefore, affected by an information disclosure vulnerability in the crypto.c component due to its HMAC comparison function not running in constant time. An unauthenticated, remote attacker can exploit this, via a timing attack, to disclose potentially sensitive information.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(125260);
script_version("1.6");
script_cvs_date("Date: 2019/10/31 15:18:52");
script_cve_id("CVE-2013-2061");
script_name(english:"OpenVPN < 2.3.1 Information Disclosure Vulnerability (Windows)");
script_summary(english:"Checks the version of OpenVPN.");
script_set_attribute(attribute:"synopsis", value:
"An application on the remote Windows host is affected by an information disclosure vulnerability.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is prior to
2.3.1. It is, therefore, affected by an information disclosure vulnerability in the crypto.c component due to its HMAC
comparison function not running in constant time. An unauthenticated, remote attacker can exploit this, via a timing
attack, to disclose potentially sensitive information.");
# https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-f375aa67cc
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?56e4cef7");
script_set_attribute(attribute:"solution", value:
"Upgrade to OpenVPN 2.3.1 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-2061");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/09/07");
script_set_attribute(attribute:"patch_publication_date", value:"2013/05/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/17");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:openvpn:openvpn");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("openvpn_server_installed.nbin");
script_require_keys("installed_sw/OpenVPN Server");
exit(0);
}
include('vcf.inc');
app_info = vcf::get_app_info(app:'OpenVPN Server');
constraints = [{'fixed_version': '2.3.1'}];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_NOTE);