Jump to content

Advisories (MDKSA-2006:069 ): openvpn


Recommended Posts

Mandriva Advisories MDKSA-2006:069 : openvpn


Updated openvpn packages fix vulnerability

April 10th, 2006


A vulnerability in OpenVPN 2.0 through 2.0.5 allows a malicious server to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable. Updated packages have been patched to correct this issue by removing setenv support.



The released versions of Mandriva GNU/Linux affected are:

  • MNF2.0
  • 2006.0

Full information about this advisory, including the updated packages, is available at:



Other references:



Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)

Link to comment
Share on other sites


  • Create New...