Description

OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable.

Remediation

References

CVE-2006-1629

Related Vulnerabilities

ownCloud Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-0204)

WordPress Plugin CBX Petition for WordPress SQL Injection (1.0.3)

Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2020-8165)

OpenSSL NULL Pointer Dereference Vulnerability (CVE-2022-3358)

WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Security Bypass (9.0)

Severity

Critical

Classification

CVE-2006-1629

Tags

Missing Update Known Vulnerabilities