CVE-2008-3459

Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted (1) lladdr and (2) iproute configuration directives, probably related to shell metacharacters.

🔗 References (10)

• secalert@redhathttp://openvpn.net/index.php/documentation/change-log/changelog-21.html
• secalert@redhathttp://www.securityfocus.com/bid/30532
• secalert@redhathttp://www.securitytracker.com/id?1020626
• secalert@redhathttp://www.vupen.com/english/advisories/2008/2316
• secalert@redhathttps://exchange.xforce.ibmcloud.com/vulnerabilities/44209
• af854a3a-2127-422b-91ae-364da2661108http://openvpn.net/index.php/documentation/change-log/changelog-21.html
• af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/30532
• af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020626
• af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2316
• af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/44209