Privilege Escalation Vulnerability in Tunnelblick by OpenVPN
CVE-2012-3486

Currently unrated

Key Information:

Vendor

Google
Status
Tunnelblick
Vendor
CVE Published:
26 August 2012

What is CVE-2012-3486?

Tunnelblick versions 3.3beta20 and earlier contain a vulnerability that allows local users to escalate privileges. This occurs when an OpenVPN configuration file is improperly set up to execute a script upon specific OpenVPN events. Malicious users can exploit this condition to gain elevated privileges, posing significant security risks to systems using Tunnelblick.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.openwall.com/lists/oss-security/2012/08/14/1
mailing-listx_refsource_MLIST
http://code.google.com/p/tunnelblick/issues/detail?id=212
x_refsource_CONFIRM
http://archives.neohapsis.com/archives/fulldisclosure/201...
mailing-listx_refsource_FULLDISC

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.