Re: [Openvpn-devel] OpenVPN 2.1-beta12 released

James Yonan wrote: 2006.04.05 -- Version 2.1-beta12 * Security Vulnerability -- An OpenVPN client connecting to a malicious or compromised server could potentially receive "setenv" configuration directives from the server which could cause arbitrary code execution on the client via a LD_PRELO

Re: [Openvpn-devel] OpenVPN 2.0.6 released

James: What is the MITRE CVE name for this vulnerability? CVE-2006-1629 James

[Openvpn-devel] Who develops TAP-Win32?

I'd like to ask few questions about TAP-Win32 behaviour on winXP-SP2. In particular I'd like to know how to make it fully support NetBEUI broadcasts. Tony.

Re: [Openvpn-devel] Maybe a bug using password protected private keys

Hi again, It seems like OpenVPN simly ignores äöü & Co. I can add them at the end of a "normal" Password and it's still valid. Bye, Michael Michael Kaufmann wrote: > Hi, > > I'm currently testing some cases for password input and how passwords > could look like. I use the management interfac

[Openvpn-devel] Maybe a bug using password protected private keys

Hi, I'm currently testing some cases for password input and how passwords could look like. I use the management interface to do so. Two cases went wrong: 1. Input a password with german umlaute, e.g. password "Private Key" "äöüß" 2. Input empty password password "Private Key" "" 3. Input "normal"

[Openvpn-devel] Re: [PATCH] Enable compliation under Darwin

Roy Marples wrote: --- openvpn-2.0.4/plugin/down-root/Makefile.orig2005-11-02 20:25:40.0 +0100 +++ openvpn-2.0.4/plugin/down-root/Makefile 2005-11-02 20:31:53.0 +0100 @@ -7,11 +7,22 @@ CC_FLAGS=-O2 -Wall +ifeq ($(USERLAND),Darwin) + LIBNAME=dylib +else +

[Openvpn-devel] [PATCH] Enable compliation under Darwin

Hi List! Attached is a patch we use in Gentoo (well, the only patch) that allows compilation on on ppc-macos (Darwin). I don't have this platform myself, but our ppc-macos users seem to need it, so I'm submitting it for upstream inclusion. Thanks! -- Roy Marples Gentoo Linux Developer --- o

Re: [Openvpn-devel] OpenVPN 2.0.6 released

On Wed, 05 Apr 2006, James Yonan wrote: > 2006.04.05 -- Version 2.0.6 > > * Security Vulnerability affecting OpenVPN 2.0 through 2.0.5. > An OpenVPN client connecting to a > malicious or compromised server could potentially receive > "setenv" configuration directives from the server which coul

[Openvpn-devel] OpenVPN 2.1-beta12 released

2006.04.05 -- Version 2.1-beta12 * Security Vulnerability -- An OpenVPN client connecting to a malicious or compromised server could potentially receive "setenv" configuration directives from the server which could cause arbitrary code execution on the client via a LD_PRELOAD attack. A succe

[Openvpn-devel] OpenVPN 2.0.6 released

2006.04.05 -- Version 2.0.6 * Security Vulnerability affecting OpenVPN 2.0 through 2.0.5. An OpenVPN client connecting to a malicious or compromised server could potentially receive "setenv" configuration directives from the server which could cause arbitrary code execution on the client via