CVE-2018-9336
published 2018-05-01CVE-2018-9336: openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a…
PriorityP433high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
EPSS
0.61%
44.6th percentile
openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openvpn | — | — |
| openvpn | openvpn | >= 0 < 2.4.6-r0 | 2.4.6-r0 |
| openvpn | openvpn | >= 0 < 2.4.6-r0 | 2.4.6-r0 |
| openvpn | openvpn | >= 0 < 2.4.6-r0 | 2.4.6-r0 |
| openvpn | openvpn | >= 0 < 2.4.6-r0 | 2.4.6-r0 |
| openvpn | openvpn | >= 0 < 2.4.6-r0 | 2.4.6-r0 |
| openvpn | openvpn | >= 0 < 2.4.6-r0 | 2.4.6-r0 |
| openvpn | openvpn | >= 0 < 2.4.6-r0 | 2.4.6-r0 |
| openvpn | openvpn | >= 0 < 2.4.6-r0 | 2.4.6-r0 |
| openvpn | openvpn | >= 0 < 2.4.6-r0 | 2.4.6-r0 |
| openvpn | openvpn | >= 0 < 2.4.6-r0 | 2.4.6-r0 |
| openvpn | openvpn | >= 0 < 2.4.6-r0 | 2.4.6-r0 |
| openvpn | openvpn | >= 0 < 2.4.6-r0 | 2.4.6-r0 |
| openvpn | openvpn | >= 0 < 2.4.6-r0 | 2.4.6-r0 |
| openvpn | openvpn | >= 0 < 2.4.6-r0 | 2.4.6-r0 |
| openvpn | openvpn | >= 2.4.0 < 2.4.6 | 2.4.6 |
| slackware | slackware_linux | — | — |
| slackware | slackware_linux | — | — |
| slackware | slackware_linux | — | — |
| slackware | slackware_linux | — | — |
| slackware | slackware_linux | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv7.8HIGH
vendor_debian7.8LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9p34-3252-9gh9: openvpnserv
ghsa_unreviewed·2022-05-14
CVE-2018-9336 [HIGH] CWE-415 GHSA-9p34-3252-9gh9: openvpnserv
openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation.
OSV
CVE-2018-9336: openvpnserv
osv·2018-05-01·CVSS 7.8
CVE-2018-9336 [HIGH] CVE-2018-9336: openvpnserv
openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation.
Debian
CVE-2018-9336: openvpn - openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4...
vendor_debian·2018·CVSS 7.8
CVE-2018-9336 [HIGH] CVE-2018-9336: openvpn - openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4...
openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
No detection rules found.
No public exploits indexed.
Tenable
Tenable Research: May Vulnerability Disclosure Roundup
blogs_tenable·2018-06-26
Tenable Research: May Vulnerability Disclosure Roundup
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Tenable
Tenable Research: May Vulnerability Disclosure Roundup
blogs_tenable·2018-06-26·CVSS 9.8
[CRITICAL] Tenable Research: May Vulnerability Disclosure Roundup
Blog / Research
Subscribe
# Tenable Research: May Vulnerability Disclosure Roundup
Tenable Research
June 26, 2018
3 Min Read
Tenable Research has a dedicated team that performs vulnerability research on software and hardware from third-party vendors. The goal is to discover zero-day vulnerabilities and work with vendors to get them addressed before hackers discover and exploit them. This post provides an overview of all the vulnerabilities discovered by Tenable Research in May.
You can access all Tenable Research advisories here.
Cisco Prime Data Center Network Manager Remote Code Execution Vulnerability
CVE ID: CVE-2018-0258
Tenable Research Advisory: TRA-2018-11
Risk Factor: Critical
What do you need to know?
Tenable Research discovered a relative path traversal vulnerability
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.568761https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79bhttps://github.com/OpenVPN/openvpn/releases/tag/v2.4.6https://www.tenable.com/security/research/tra-2018-09http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.568761https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79bhttps://github.com/OpenVPN/openvpn/releases/tag/v2.4.6https://www.tenable.com/security/research/tra-2018-09
2018-05-01
Published