Guido Vranken, a data security researcher, has discovered four dangerous bugs in OpenVPN. Vranken reports that he used a fuzzer to discover them.
Here is a full list of the newly discovered vulnerabilities with brief explanations:
By taking advantage of this vulnerability, an attacker can remotely crash the server and trigger a memory leak. In other words, this vulnerability can be used to drain the server of memory.
This vulnerability only affects those who use OpenVPN to connect to a Windows NTLM version 2 proxy. It makes a man-in-the-middle attack possible, which could potentially lead to a data leak. The fact that passwords are stored in plain text is another reason for concern.
Abusing this bug can lead to crashing the OpenVPN server. To do this, an attacker needs to send crafted data to the system.
Affecting OpenVPN 2.4, this vulnerability can lead to crashes of TLS/PolarSSL-based servers.
Vranken also shared some additional insights into his bug-discovering methodology. For one, he believes that using a fuzzer is superior to reviewing the code manually. He said a human mind can only comprehend and retain a limited amount of information at any given time. Manual code review simply pales in comparison to specialised software.
Over the past two years, OpenVPN has been carrying out audits, but for some reason, they have missed these flaws.
To stay safe while using this software, you should not hesitate to download the automatic updates that address these issues.