Description

OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable.

Remediation

References

CVE-2006-1629

Related Vulnerabilities

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29002)

WordPress Plugin wpStoreCart 'upload.php' Arbitrary File Upload (2.5.29)

WordPress Plugin WP Activity Log Security Bypass (4.0.1)

WordPress Plugin JoomSport-for Sports: Team & League, Football, Hockey & more SQL Injection (3.3)

WordPress Plugin Chat-Support Board-WordPress Chat Multiple SQL Injection Vulnerabilities (3.3.3)

Severity

Critical

Classification

CVE-2006-1629

Tags

Missing Update Known Vulnerabilities