Hello, welcome to the Thursday, June 22nd, 2017 edition of the Sansanet Storms anders Stormcast.

My name is Johannes Ulrich and the name am recording from Minneapolis, Minnesota.

A few weeks ago, I reported about OpenVPN undergoing a code review and security audit, which resulted in only relatively minor vulnerabilities

being found and of course fixed within OpenVPN.

Well, a big surprise today we got four more vulnerabilities in OpenVPN that were found

independently of the security audit via

fusing kind of the point of the author here is that the security audits using

code review only get you so far that with the complexity of some of the software

fusing appears to be a more thorough and more efficient way of

finding security vulnerabilities. So really, yet another great example about how fusing can

augment some of the more traditional techniques like code review. Luckily, none of the four

vulnerabilities I would consider really critical.

Three of them are pretty much denial of service vulnerabilities.

The fourth one is remote client stack buffer corruption, which may in some cases be exploitable,

not really sure, but as the author here of the report states that it's

very unlikely to actually happen in order for this fourth vulnerability to be

exploited and to actually to be vulnerable you need to have NtLM version 2 used and

the user actually needs to specify a username ending in backslash.

And it depends on a very specific stack layout.

So overall, don't panic, apply patches as they are being released.

These vulnerabilities have been disclosed to the open VPN team and patches are available.

So thanks to Guido Franken for actually taking the time to find and report these vulnerabilities.

...