Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted (1) lladdr and (2) iproute configuration directives, probably related to shell metacharacters.
Software | From | Fixed in |
---|---|---|
openvpn / openvpn | 2.1-beta-14 | 2.1-beta-14.x |
openvpn / openvpn | 2.1-beta-15 | 2.1-beta-15.x |
openvpn / openvpn | 2.1-beta-16 | 2.1-beta-16.x |
openvpn / openvpn | 2.1-rc_1 | 2.1-rc_1.x |
openvpn / openvpn | 2.1-rc_2 | 2.1-rc_2.x |
openvpn / openvpn | 2.1-rc_3 | 2.1-rc_3.x |
openvpn / openvpn | 2.1-rc_4 | 2.1-rc_4.x |
openvpn / openvpn | 2.1-rc_5 | 2.1-rc_5.x |
openvpn / openvpn | 2.1-rc_6 | 2.1-rc_6.x |
openvpn / openvpn | 2.1-rc_7 | 2.1-rc_7.x |
openvpn / openvpn | 2.1-rc_8 | 2.1-rc_8.x |