ID

VAR-200605-0584


CVE

CVE-2006-2229


TITLE

OpenVPN management interface TCP session information disclosure vulnerability

Trust: 0.6

sources: CNVD: CNVD-2006-2916

DESCRIPTION

OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service. OpenVPN is prone to a denial-of-service vulnerability

Trust: 1.71

sources: NVD: CVE-2006-2229 // CNVD: CNVD-2006-2916 // BID: 87623

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2006-2916

AFFECTED PRODUCTS

vendor:openvpnmodel:openvpnscope:eqversion:2.0

Trust: 1.9

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta5

Trust: 1.6

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta18

Trust: 1.6

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta3

Trust: 1.6

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta4

Trust: 1.6

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta6

Trust: 1.6

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta20

Trust: 1.6

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta28

Trust: 1.6

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta7

Trust: 1.6

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta2

Trust: 1.6

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta19

Trust: 1.6

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test10

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test25

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc13

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta12

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc7

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta16

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test26

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta15

Trust: 1.0

vendor:openvpnmodel:access serverscope:eqversion:2.0.5

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta8

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta13

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc20

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc11

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta11

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta1

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc4

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test22

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test2

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test4

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0.2_rc1

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc1

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc8

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta17

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc15

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test14

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test17

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test20

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test15

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0.1_rc6

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc6

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc3

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc21

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0.6_rc1

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test21

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta10

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc19

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test11

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0.1_rc7

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test6

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc5

Trust: 1.0

vendor:openvpnmodel:access serverscope:eqversion:2.0.2

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc17

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc2

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test5

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0.1_rc1

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc14

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test27

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0.3_rc1

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc10

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0.1_rc5

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0.1_rc2

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test19

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test1

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test29

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test18

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test3

Trust: 1.0

vendor:openvpnmodel:access serverscope:eqversion:2.0.6

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_beta9

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0.1_rc4

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test9

Trust: 1.0

vendor:openvpnmodel:access serverscope:eqversion:2.0.1

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test12

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test23

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test24

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0.4

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0.1_rc3

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc18

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc12

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test7

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test16

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc9

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_rc16

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0_test8

Trust: 1.0

vendor:openvpnmodel:access serverscope:eqversion:2.0.7

Trust: 1.0

vendor:openvpnmodel:openvpnscope:eqversion:2.0.1

Trust: 0.9

vendor:openvpnmodel:2.0.1 rc1scope: - version: -

Trust: 0.6

vendor:openvpnmodel:2.0.1 rc2scope: - version: -

Trust: 0.6

vendor:openvpnmodel:2.0.1 rc3scope: - version: -

Trust: 0.6

vendor:openvpnmodel:2.0.1 rc4scope: - version: -

Trust: 0.6

vendor:openvpnmodel:2.0.1 rc5scope: - version: -

Trust: 0.6

vendor:openvpnmodel:openvpnscope:eqversion:3.1.3

Trust: 0.3

vendor:openvpnmodel:openvpnscope:eqversion:2.0.7

Trust: 0.3

vendor:openvpnmodel:rc5scope:eqversion:2.0.1

Trust: 0.3

vendor:openvpnmodel:rc4scope:eqversion:2.0.1

Trust: 0.3

vendor:openvpnmodel:rc3scope:eqversion:2.0.1

Trust: 0.3

vendor:openvpnmodel:rc2scope:eqversion:2.0.1

Trust: 0.3

vendor:openvpnmodel:rc1scope:eqversion:2.0.1

Trust: 0.3

vendor:openvpnmodel:rc1scope:eqversion:2.0.6

Trust: 0.3

vendor:openvpnmodel:openvpnscope:eqversion:2.0.6

Trust: 0.3

vendor:openvpnmodel:openvpnscope:eqversion:2.0.5

Trust: 0.3

vendor:openvpnmodel:rc1scope:eqversion:2.0.3

Trust: 0.3

vendor:openvpnmodel:rc1scope:eqversion:2.0.2

Trust: 0.3

vendor:openvpnmodel:openvpnscope:eqversion:2.0.2

Trust: 0.3

vendor:openvpnmodel:rc7scope:eqversion:2.0.1

Trust: 0.3

vendor:openvpnmodel:rc6scope:eqversion:2.0.1

Trust: 0.3

vendor:openvpnmodel:test9scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test8scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test7scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test6scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test5scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test4scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test3scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test29scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test27scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test26scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test25scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test24scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test23scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test22scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test21scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test20scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test2scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test19scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test18scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test17scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test16scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test15scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test14scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test12scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test11scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test10scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:test1scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc9scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc8scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc7scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc6scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc5scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc4scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc3scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc21scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc20scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc2scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc19scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc18scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc17scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc16scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc15scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc14scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc13scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc12scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc11scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc10scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:rc1scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta9scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta8scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta7scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta6scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta5scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta4scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta3scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta28scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta20scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta2scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta19scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta18scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta17scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta16scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta15scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta13scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta12scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta11scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta10scope:eqversion:2.0

Trust: 0.3

vendor:openvpnmodel:beta1scope:eqversion:2.0

Trust: 0.3

sources: CNVD: CNVD-2006-2916 // BID: 87623 // CNNVD: CNNVD-200605-102 // NVD: CVE-2006-2229

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-2229
value: MEDIUM

Trust: 1.0

CNVD: CNVD-2006-2916
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-200605-102
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2006-2229
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:H/AU:N/C:P/I:N/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 4.9
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2006-2916
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:H/AU:N/C:P/I:N/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 4.9
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2006-2916 // CNNVD: CNNVD-200605-102 // NVD: CVE-2006-2229

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-2229

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200605-102

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200605-102

EXTERNAL IDS

db:NVDid:CVE-2006-2229

Trust: 2.5

db:OSVDBid:25660

Trust: 1.6

db:CNVDid:CNVD-2006-2916

Trust: 0.6

db:CNNVDid:CNNVD-200605-102

Trust: 0.6

db:BIDid:87623

Trust: 0.3

sources: CNVD: CNVD-2006-2916 // BID: 87623 // CNNVD: CNNVD-200605-102 // NVD: CVE-2006-2229

REFERENCES

url:http://openvpn.net/man.html

Trust: 1.9

url:http://www.securityfocus.com/archive/1/432863/100/0/threaded

Trust: 1.6

url:http://www.osvdb.org/25660

Trust: 1.6

url:http://www.securityfocus.com/archive/1/432867/100/0/threaded

Trust: 1.6

url:http://www.securityfocus.com/archive/1/433000/100/0/threaded

Trust: 1.6

url:http://www.securityfocus.com/archive/1/archive/1/432863/100/0/threaded

Trust: 0.9

url:http://www.securityfocus.com/archive/1/archive/1/433000/100/0/threaded

Trust: 0.3

url:http://www.securityfocus.com/archive/1/archive/1/432867/100/0/threaded

Trust: 0.3

sources: CNVD: CNVD-2006-2916 // BID: 87623 // CNNVD: CNNVD-200605-102 // NVD: CVE-2006-2229

CREDITS

Unknown

Trust: 0.3

sources: BID: 87623

SOURCES

db:CNVDid:CNVD-2006-2916
db:BIDid:87623
db:CNNVDid:CNNVD-200605-102
db:NVDid:CVE-2006-2229

LAST UPDATE DATE

2024-11-23T23:07:05.149000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2006-2916date:2006-05-05T00:00:00
db:BIDid:87623date:2006-05-05T00:00:00
db:CNNVDid:CNNVD-200605-102date:2020-05-13T00:00:00
db:NVDid:CVE-2006-2229date:2024-11-21T00:10:50.520

SOURCES RELEASE DATE

db:CNVDid:CNVD-2006-2916date:2006-05-05T00:00:00
db:BIDid:87623date:2006-05-05T00:00:00
db:CNNVDid:CNNVD-200605-102date:2006-05-05T00:00:00
db:NVDid:CVE-2006-2229date:2006-05-05T19:02:00