fkie_cve-2013-2061
Vulnerability from fkie_nvd
Published
2013-11-18 02:55
Modified
2025-04-11 00:51
Severity ?
Summary
The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher.
References
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2013-May/105568.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2013-May/105609.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2013-11/msg00012.htmlVendor Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2013-11/msg00016.html
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2013:167
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2013/05/06/6
secalert@redhat.comhttps://bugs.gentoo.org/show_bug.cgi?id=468756
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=960192
secalert@redhat.comhttps://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-f375aa67cc
secalert@redhat.comhttps://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2eeExploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105568.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105609.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-11/msg00012.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-11/msg00016.html
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2013:167
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2013/05/06/6
af854a3a-2127-422b-91ae-364da2661108https://bugs.gentoo.org/show_bug.cgi?id=468756
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=960192
af854a3a-2127-422b-91ae-364da2661108https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-f375aa67cc
af854a3a-2127-422b-91ae-364da2661108https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2eeExploit, Patch
Impacted products
Vendor Product Version
openvpn openvpn *
openvpn openvpn 1.2.0
openvpn openvpn 1.2.1
openvpn openvpn 1.3.0
openvpn openvpn 1.3.1
openvpn openvpn 1.3.2
openvpn openvpn 1.4.0
openvpn openvpn 1.4.1
openvpn openvpn 1.4.2
openvpn openvpn 1.4.3
openvpn openvpn 1.5.0
openvpn openvpn 1.6.0
openvpn openvpn 2.1.0
openvpn openvpn 2.2.0
openvpn openvpn_access_server 2.0.0
opensuse opensuse 11.4


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC35891F-BC4F-4DBB-8879-4952685D419E",
              "versionEndIncluding": "2.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "912E57A3-A4D0-4736-858F-51A500E886B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13960B6E-F1E8-49E5-88A0-ECCC938AC4DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "862743EA-7B6E-4478-AD90-1F930E97BB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "79114721-FA19-43FF-8030-74652FCF937B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A3AF5D2-21CC-4243-A2A4-99273B7AD9D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B693F0CA-7A3A-42CA-A6BE-62D840CE336C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "345C3123-7E73-4094-8764-8BF881B6ABE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F00F2FF1-9CC2-446B-9468-1FB7D40371E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB625AC3-B428-44BB-99F4-F0FE00DA1C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C25DDCBB-798B-43BF-88FF-2EDB57BEA01F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3F6FE9B-62E0-47E3-A977-DA51249A353B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88C2922E-6E95-45BF-ABF1-B1D799769DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D915A07-3B93-4D7C-8D52-73B696392B46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn_access_server:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "486CD3E2-1B1A-4A1D-98ED-0E2EEAB0A0CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n openvpn_decrypt en el archivo crypto.c en OpenVPN versiones 2.3.0 y anteriores, cuando se ejecuta en modo UDP, permite a los atacantes remotos obtener informaci\u00f3n confidencial por medio de un ataque de sincronizaci\u00f3n que implica una funci\u00f3n de comparaci\u00f3n HMAC que no se ejecuta en tiempo constante y un ataque de tipo padding oracle en el cifrado en modo CBC."
    }
  ],
  "id": "CVE-2013-2061",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-11-18T02:55:07.530",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105568.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105609.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00012.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00016.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:167"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2013/05/06/6"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugs.gentoo.org/show_bug.cgi?id=468756"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=960192"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-f375aa67cc"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105568.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105609.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00016.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:167"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2013/05/06/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.gentoo.org/show_bug.cgi?id=468756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=960192"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-f375aa67cc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.