CVE-2013-2061 — Sensitive Information Exposure in Openvpn

CWE-200 — Sensitive Information Exposure9 documents7 sources

Severity

2.6LOWNVD

EPSS

1.5%

top 19.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openvpn Debian Openvpn Opensuse +1 more

Timeline

PublishedNov 18

Latest updateAug 23

Description

The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher.

CVSS vector

AV:N/AC:H/C:P/I:N/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages5 packages

▶debiandebian/openvpn< openvpn 2.3.1-1 (bookworm)

▶Debianopenvpn/openvpn< 2.3.1-1+3

▶NVDopenvpn/openvpn2.3.0+13

▶NVDopenvpn/openvpn_access_server2.0.0

▶NVDopensuse/opensuse11.4

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-j3mr-328w-64j3: The openvpn_decrypt function in crypto↗2022-05-13

▶

OSV

CVE-2013-2061: The openvpn_decrypt function in crypto↗2013-11-18

▶

📋Vendor Advisories

Ubuntu

OpenVPN vulnerability↗2014-10-02

▶

Debian

CVE-2013-2061: openvpn - The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when runn...↗2013

▶

📄Research Papers

arXiv

Empirical Analysis of Software Vulnerabilities Causing Timing Side Channels↗2023-08-23

▶

💬Community

Bugzilla

CVE-2013-2061 openvpn: use of non-constant-time memcmp in HMAC comparison in openvpn_decrypt↗2013-05-06

▶

Bugzilla

CVE-2013-2061 openvpn: use of non-constant-time memcmp in HMAC comparison in openvpn_decrypt [fedora-all]↗2013-05-06

▶

Bugzilla

CVE-2013-2061 openvpn: use of non-constant-time memcmp in HMAC comparison in openvpn_decrypt [epel-all]↗2013-05-06

▶