MitM attack in OpenVPN for Windows - CVE-2017-7520

 


Published: June 22, 2017


Vulnerability identifier: #VU7165
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-7520
CWE-ID: CWE-200
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: OpenVPN
Affected software:
OpenVPN for Windows

Detailed vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack or obtain potentially sensitive client information.

If clients use an HTTP proxy with NTLM authentication (i.e. "--http-proxy <server> <port> [<authfile>|'auto'|'auto-nct'] ntlm2"), a man-in-the-middle attacker between the client and the proxy can cause the client to crash or disclose at most 96 bytes of stack memory. The disclosed stack memory is likely to contain the proxy password.


How to mitigate CVE-2017-7520

Update OpenVPN to version 2.4.3.
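
To find clients that match the condition described above, the following added example (not part of the advisory or of OpenVPN's own code) scans a client configuration for an `http-proxy` directive that selects `ntlm2` and reports it when the installed version is below 2.4.3. The function names and the sample configuration are constructed for illustration; it assumes the auth method is the fourth argument of `http-proxy` and that any version below 2.4.3 still needs the update.

```python
import re
import shlex

FIXED_VERSION = (2, 4, 3)  # the version the advisory says to update to

def proxy_directives(config_text):
    """Yield (line_no, args) for every http-proxy directive in a config."""
    for line_no, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line[0] in "#;":        # blank line or comment
            continue
        try:
            tokens = shlex.split(line, comments=True)
        except ValueError:                     # unbalanced quote, skip line
            continue
        if tokens and tokens[0].lstrip("-") == "http-proxy":
            yield line_no, tokens[1:]

def uses_ntlm2(args):
    # Assumption: args are <server> <port> <authfile|auto|auto-nct> <method>,
    # so the auth method is the fourth argument.
    return len(args) >= 4 and args[3] == "ntlm2"

def parse_version(text):
    """Extract (major, minor, patch) from '2.4.2' or a version banner."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        return (0, 0, 0)                       # unknown: treat as not updated
    return tuple(int(g or 0) for g in m.groups())

def audit(config_text, client_version):
    """Line numbers of ntlm2 proxy directives on a client below 2.4.3."""
    if parse_version(client_version) >= FIXED_VERSION:
        return []
    return [n for n, args in proxy_directives(config_text) if uses_ntlm2(args)]

# Constructed sample config; host and file names are placeholders.
SAMPLE = """\
client
remote vpn.example.test 1194
; http-proxy old.example.test 8080 auto ntlm2
http-proxy proxy.example.test 3128 "proxy auth.txt" ntlm2
"""

if __name__ == "__main__":
    print(audit(SAMPLE, "2.4.2"))
```

A non-empty result means the proxy password used by that client should be treated as exposed to anyone positioned between the client and the proxy until the client is updated.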
