2025-01-06 13:52:20
OpenVPN
PUBLISHED
OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.