Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Help about MediaWiki
FUTO
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Introduction to a Self Managed Life: a 13 hour & 28 minute presentation by FUTO software
(section)
Main Page
Discussion
English
Read
Edit
Edit source
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
Edit source
View history
General
What links here
Related changes
Special pages
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==== 1. CVE-2024-27459, CVE-2024-24974, CVE-2024-27903, CVE-2024-1305 ==== * '''Discovered''': March 2024 * '''Description''': Multiple vulnerabilities were found, mainly affecting OpenVPN’s client-side on Windows, Android, iOS, macOS, and BSD. These included stack overflow, unauthorized access, & plugin flaws leading to potential remote code execution (RCE) and local privilege escalation (LPE). Users were advised to update to OpenVPN versions 2.6.10 or 2.5.10 to mitigate the risks. ''You can only update OpenVPN versions if your router lets you.'' <blockquote>'''Terminology note:''' “client-side” means the part of the software that runs on your device (like a computer or smartphone), as opposed to “server-side,” which would be the part running on a remote server (Apple/Google’s server). “Remote Code Execution (RCE)” is a vulnerability that lets a hacker run code they want to run on your device. “Local Privilege Escalation (LPE)” means a vulnerability that lets a hacker get higher permissions (i.e. becoming an admin rather than being a regular user) allowing them to do things they shouldn’t or gain full control over your system. </blockquote> * '''Sources''': * [https://cybersecuritynews.com/openvpn-vulnerabilities-rce-attack/ Cybersecurity News] * [https://openvpn.net/security-advisories/ OpenVPN Security Advisory] * [https://campustechnology.com/Articles/2024/08/16/Report-Increasing-Number-of-Vulnerabilities-in-OpenVPN.aspx Campus Technology] <span id="code-signing-key-intrusion-openvpn-2.5.8"></span>
Summary:
Please note that all contributions to FUTO may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
FUTO:Copyrights
for details).
Do not submit copyrighted work without permission!
To protect the wiki against automated edit spam, we kindly ask you to solve the following hCaptcha:
Cancel
Editing help
(opens in new window)