[情报] The OpenVPN post-audit bug bonanza asdfghjklasd PTT批踢踢实业坊

[情报] The OpenVPN post-audit bug bonanza

楼主: asdfghjklasd (好累的大一生活) 2017-06-28 09:37:46

OpenVPN 最近有一点多的漏洞。
来源:
http://tinyurl.com/ycejjzol
漏洞:
CVE-2017-7521
Remote server crashes/double-free/memory leaks in certificate processing
CVE-2017-7520
Remote (including MITM) client crash, data leak
Reported to the OpenVPN security list on June 6. No CVE
Remote (including MITM) client stack buffer corruption
CVE-2017-7508
Remote server crash (forced assertion failure)
CVE-2017-7522
Crash mbed TLS/PolarSSL-based server
Reported to the OpenVPN security list on May 12 No CVE
Stack buffer overflow if long –tls-cipher is given
有兴趣了解的可以看来源连结。

继续阅读

[闲聊] 2017.W26 - 杂凑函数用数位货币为例CMJ0121 [问题] CHROME随机重新导向到2345首页shimao0219 [闲聊] 2017.W25 - 漏洞挖掘以 The Stack Clash 为例CMJ0121 [问题] Nginx log出现怪异讯息walelile [问题] 有关mac address 修改及匿名shawnjoe [闲聊] 2017.W24 - 逆向工程 (Reverse Engineering)CMJ0121 [问题] 关于网络聊天Snowingday [闲聊] 2017.W23 - 社交工程 (Social Engineering)CMJ0121 [闲聊] 看电影学资安-CSI Cyber S02E01AIRY0812 [闲聊] 2017.W22 - SQL InjectionCMJ0121