By Dennis Fisher July 16, 2014
OpenVPN is advising users of its Desktop Client to upgrade as soon as possible to avoid attacks against a CSRF vulnerability that can allow remote code execution.
The vulnerability lies in a product that the company no longer supports and considers obsolete. An attacker could exploit the vulnerability if a user running a vulnerable version visits the attacker’s malicious site. Researchers at SEC Consult in Austria discovered the vulnerability and reported it to OpenVPN back in May.
Full Article
OpenVPN Warns Customers of CSRF Bug in Access Server Desktop Client
Userlevel 7
+54
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.