CVE-2005-3393

Publication date 1 November 2005

Last updated 17 July 2025

Ubuntu priority

Format string vulnerability in the foreign_option function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
openvpn	7.04 feisty	Fixed 2.0.6-1
	6.10 edgy	Fixed 2.0.6-1
	6.06 LTS dapper	Fixed 2.0.6-1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2005-3393