CVE-2013-2061


Description

The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher.
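The non-constant-time HMAC comparison named in the description, as an added illustration that is not OpenVPN's code: an early-exit compare next to a constant-time one, with a constructed probe showing that only the former's work depends on where a forged tag first differs from the expected one. HMAC_LEN, the function names and the tag bytes are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#define HMAC_LEN 20  /* assumption: a SHA1-based HMAC tag, as with OpenVPN's default --auth */

/* Early-exit comparison, the memcmp()-style pattern CVE-2013-2061 describes:
 * it returns at the first differing byte, so elapsed time reveals how long
 * the matching prefix is. *inspected (optional) records how many bytes were read. */
int hmac_equal_leaky(const uint8_t *a, const uint8_t *b, size_t len, size_t *inspected)
{
    for (size_t i = 0; i < len; i++) {
        if (a[i] != b[i]) { if (inspected) *inspected = i + 1; return 0; }
    }
    if (inspected) *inspected = len;
    return 1;
}

/* Constant-time comparison: every byte is read and XOR-folded into one
 * accumulator, so the work done never depends on where a mismatch sits. */
int hmac_equal_ct(const uint8_t *a, const uint8_t *b, size_t len, size_t *inspected)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < len; i++)
        diff |= a[i] ^ b[i];
    if (inspected) *inspected = len;
    return diff == 0;
}

/* Constructed probe: an expected tag and a forged copy that differs only at
 * byte `pos` (pos >= HMAC_LEN leaves it identical). Returns how many bytes the
 * chosen comparator read, which is the quantity a timing measurement exposes. */
size_t bytes_inspected(int constant_time, size_t pos)
{
    uint8_t expected[HMAC_LEN], forged[HMAC_LEN];
    size_t n = 0;
    for (size_t i = 0; i < HMAC_LEN; i++)
        expected[i] = forged[i] = (uint8_t)(0xA5 ^ i);   /* constructed tag bytes */
    if (pos < HMAC_LEN) forged[pos] ^= 0x01;
    if (constant_time) hmac_equal_ct(expected, forged, HMAC_LEN, &n);
    else               hmac_equal_leaky(expected, forged, HMAC_LEN, &n);
    return n;
}

/* Constructed 4-byte tags for a direct equality check. */
static const uint8_t TAG_A[4] = { 1, 2, 3, 4 };
static const uint8_t TAG_B[4] = { 1, 2, 3, 5 };
```

In production code, use the crypto library's own routine (for example OpenSSL's CRYPTO_memcmp) rather than a hand-rolled loop, since an optimizing compiler is free to reintroduce an early exit into naive code.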

References

http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105568.html

http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105609.html

http://lists.opensuse.org/opensuse-updates/2013-11/msg00012.html

http://lists.opensuse.org/opensuse-updates/2013-11/msg00016.html

http://www.mandriva.com/security/advisories?name=MDVSA-2013:167

http://www.openwall.com/lists/oss-security/2013/05/06/6

https://bugs.gentoo.org/show_bug.cgi?id=468756

https://bugzilla.redhat.com/show_bug.cgi?id=960192

https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-f375aa67cc

https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee

Details

Source: MITRE

Published: 2013-11-18

Updated: 2020-05-12

Type: CWE-200

Risk Information

CVSS v2

Base Score: 2.6

Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 4.9

Severity: LOW

Tenable Plugins (11 total)

ID | Name | Product | Family | Severity
125260 | OpenVPN < 2.3.1 Information Disclosure Vulnerability (Windows) | Nessus | Windows | low
78041 | Ubuntu 12.04 LTS : openvpn vulnerability (USN-2368-1) | Nessus | Ubuntu Local Security Checks | low
75191 | openSUSE Security Update : openvpn (openSUSE-SU-2013:1645-1) | Nessus | SuSE Local Security Checks | low
71137 | SuSE 11.3 Security Update : openvpn (SAT Patch Number 8493) | Nessus | SuSE Local Security Checks | low
71136 | SuSE 11.2 Security Update : openvpn (SAT Patch Number 8496) | Nessus | SuSE Local Security Checks | low
70997 | GLSA-201311-13 : OpenVPN: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | medium
69759 | Amazon Linux AMI : openvpn (ALAS-2013-201) | Nessus | Amazon Linux Local Security Checks | low
66614 | Mandriva Linux Security Advisory : openvpn (MDVSA-2013:167) | Nessus | Mandriva Local Security Checks | low
66453 | Fedora 17 : openvpn-2.3.1-2.fc17 (2013-7552) | Nessus | Fedora Local Security Checks | low
66452 | Fedora 18 : openvpn-2.3.1-2.fc18 (2013-7531) | Nessus | Fedora Local Security Checks | low
65846 | FreeBSD : OpenVPN -- potential side-channel/timing attack when comparing HMACs (92f30415-9935-11e2-ad4c-080027ef73ec) | Nessus | FreeBSD Local Security Checks | low