rpm package
opensuse/openfortivpn&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/openfortivpn&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-7043 | — | | | < 1.17.1-1.1 | 1.17.1-1.1 | Feb 27, 2020 | An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com attack. |
| CVE-2020-7042 | — | | | < 1.17.1-1.1 | 1.17.1-1.1 | Feb 27, 2020 | An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because the hostname check operates on uninitialized memory. The outcome is that a valid certificate is never accepted (only a malformed certificate ma |
| CVE-2020-7041 | — | | | < 1.17.1-1.1 | 1.17.1-1.1 | Feb 27, 2020 | An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509_check_host negative error code is interpreted as a successful return value. |