scif_yar: (Default)
[personal profile] scif_yar posting in [community profile] ru_sysadmins
OpenVPN has this week patched four vulnerabilities, including a critical remote code execution bug, a little more than a month after the results of two security audits of the open source VPN software were published.

The patches were released after private disclosures in May and June by researcher Guido Vranken of the Netherlands. Vranken said the vulnerabilities were not turned up in either audit, which were a combination of manual source code reviews and automated scanning; Vranken said he exclusively used a fuzzer to find these bugs

The most critical vulnerability, CVE-2017-7521, affects OpenVPN server side and could allow an authenticated hacker to run code on a compromised box.
https://threatpost.com/openvpn-patches-critical-remote-code-execution-vulnerability/126425/

Миллион миллион миллион красных глаз ..

Profile

Сисадмины всех кофеварок, соединяйтесь!

September 2017

S M T W T F S
     12
3456789
1011121314 1516
17181920212223
24252627282930

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Sep. 22nd, 2017 04:26 am
Powered by Dreamwidth Studios