FKIE_CVE-2013-2061

Vulnerability from fkie_nvd - Published: 2013-11-18 02:55 - Updated: 2026-04-29 01:13
Severity
Summary
The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher.
References
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2013-May/105568.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2013-May/105609.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2013-11/msg00012.htmlVendor Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2013-11/msg00016.html
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2013:167
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2013/05/06/6
secalert@redhat.comhttps://bugs.gentoo.org/show_bug.cgi?id=468756
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=960192
secalert@redhat.comhttps://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-f375aa67cc
secalert@redhat.comhttps://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2eeExploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105568.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105609.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-11/msg00012.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-11/msg00016.html
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2013:167
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2013/05/06/6
af854a3a-2127-422b-91ae-364da2661108https://bugs.gentoo.org/show_bug.cgi?id=468756
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=960192
af854a3a-2127-422b-91ae-364da2661108https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-f375aa67cc
af854a3a-2127-422b-91ae-364da2661108https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2eeExploit, Patch
Impacted products
Vendor Product Version
openvpn openvpn *
openvpn openvpn 1.2.0
openvpn openvpn 1.2.1
openvpn openvpn 1.3.0
openvpn openvpn 1.3.1
openvpn openvpn 1.3.2
openvpn openvpn 1.4.0
openvpn openvpn 1.4.1
openvpn openvpn 1.4.2
openvpn openvpn 1.4.3
openvpn openvpn 1.5.0
openvpn openvpn 1.6.0
openvpn openvpn 2.1.0
openvpn openvpn 2.2.0
openvpn openvpn_access_server 2.0.0
opensuse opensuse 11.4
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC35891F-BC4F-4DBB-8879-4952685D419E",
              "versionEndIncluding": "2.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "912E57A3-A4D0-4736-858F-51A500E886B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13960B6E-F1E8-49E5-88A0-ECCC938AC4DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "862743EA-7B6E-4478-AD90-1F930E97BB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "79114721-FA19-43FF-8030-74652FCF937B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A3AF5D2-21CC-4243-A2A4-99273B7AD9D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B693F0CA-7A3A-42CA-A6BE-62D840CE336C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "345C3123-7E73-4094-8764-8BF881B6ABE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F00F2FF1-9CC2-446B-9468-1FB7D40371E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB625AC3-B428-44BB-99F4-F0FE00DA1C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C25DDCBB-798B-43BF-88FF-2EDB57BEA01F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3F6FE9B-62E0-47E3-A977-DA51249A353B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88C2922E-6E95-45BF-ABF1-B1D799769DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D915A07-3B93-4D7C-8D52-73B696392B46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openvpn:openvpn_access_server:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "486CD3E2-1B1A-4A1D-98ED-0E2EEAB0A0CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n openvpn_decrypt en el archivo crypto.c en OpenVPN versiones 2.3.0 y anteriores, cuando se ejecuta en modo UDP, permite a los atacantes remotos obtener informaci\u00f3n confidencial por medio de un ataque de sincronizaci\u00f3n que implica una funci\u00f3n de comparaci\u00f3n HMAC que no se ejecuta en tiempo constante y un ataque de tipo padding oracle en el cifrado en modo CBC."
    }
  ],
  "id": "CVE-2013-2061",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-11-18T02:55:07.530",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105568.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105609.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00012.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00016.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:167"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2013/05/06/6"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugs.gentoo.org/show_bug.cgi?id=468756"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=960192"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-f375aa67cc"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105568.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105609.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00016.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:167"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2013/05/06/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.gentoo.org/show_bug.cgi?id=468756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=960192"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-f375aa67cc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.