Oval Definition:oval:com.ubuntu.precise:def:20132061000
Revision Date:2013-11-17Version:1
Title:CVE-2013-2061 on Ubuntu 12.04 LTS (precise) - low.
Description:The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2013-2061
Platform(s):Ubuntu 12.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 12.04 LTS (precise) is installed.
  • AND The 'openvpn' package in precise was vulnerable but has been fixed (note: '2.2.1-8ubuntu1.3').
  • BACK