CVE-2006-2229 - 漏洞详情

CVE-2006-2229 (CNNVD-200605-102)

MEDIUM

中文标题:

OpenVPN management管理接口TCP会话信息泄露漏洞

英文标题:

OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127...

CVSS分数: 4.0

发布时间: 2006-05-05 19:00:00

漏洞类型: 其他

状态: PUBLISHED

数据质量分数: 0.30

数据版本: v3

漏洞描述

中文描述:

OpenVPN 2.0.7及之前版本在配置为使用 IP不是127.0.0.1的 --management选项时，为管理接口的TCP会话使用明文密码，可能使远程攻击者看到敏感信息或引起拒绝服务。

英文描述:

OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service.

CWE类型:

（暂无数据）

受影响产品

厂商	产品	版本	版本范围	平台	CPE
openvpn	openvpn	2.0	-	-	`cpe:2.3:a:openvpn:openvpn:2.0:::::::*`
openvpn	openvpn	2.0.1_rc1	-	-	`cpe:2.3:a:openvpn:openvpn:2.0.1_rc1:::::::*`
openvpn	openvpn	2.0.1_rc2	-	-	`cpe:2.3:a:openvpn:openvpn:2.0.1_rc2:::::::*`
openvpn	openvpn	2.0.1_rc3	-	-	`cpe:2.3:a:openvpn:openvpn:2.0.1_rc3:::::::*`
openvpn	openvpn	2.0.1_rc4	-	-	`cpe:2.3:a:openvpn:openvpn:2.0.1_rc4:::::::*`
openvpn	openvpn	2.0.1_rc5	-	-	`cpe:2.3:a:openvpn:openvpn:2.0.1_rc5:::::::*`
openvpn	openvpn	2.0.1_rc6	-	-	`cpe:2.3:a:openvpn:openvpn:2.0.1_rc6:::::::*`
openvpn	openvpn	2.0.1_rc7	-	-	`cpe:2.3:a:openvpn:openvpn:2.0.1_rc7:::::::*`
openvpn	openvpn	2.0.2_rc1	-	-	`cpe:2.3:a:openvpn:openvpn:2.0.2_rc1:::::::*`
openvpn	openvpn	2.0.3_rc1	-	-	`cpe:2.3:a:openvpn:openvpn:2.0.3_rc1:::::::*`
openvpn	openvpn	2.0.4	-	-	`cpe:2.3:a:openvpn:openvpn:2.0.4:::::::*`
openvpn	openvpn	2.0.6_rc1	-	-	`cpe:2.3:a:openvpn:openvpn:2.0.6_rc1:::::::*`
openvpn	openvpn	2.0_beta1	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta1:::::::*`
openvpn	openvpn	2.0_beta2	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta2:::::::*`
openvpn	openvpn	2.0_beta3	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta3:::::::*`
openvpn	openvpn	2.0_beta4	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta4:::::::*`
openvpn	openvpn	2.0_beta5	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta5:::::::*`
openvpn	openvpn	2.0_beta6	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta6:::::::*`
openvpn	openvpn	2.0_beta7	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta7:::::::*`
openvpn	openvpn	2.0_beta8	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta8:::::::*`
openvpn	openvpn	2.0_beta9	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta9:::::::*`
openvpn	openvpn	2.0_beta10	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta10:::::::*`
openvpn	openvpn	2.0_beta11	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta11:::::::*`
openvpn	openvpn	2.0_beta12	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta12:::::::*`
openvpn	openvpn	2.0_beta13	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta13:::::::*`
openvpn	openvpn	2.0_beta15	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta15:::::::*`
openvpn	openvpn	2.0_beta16	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta16:::::::*`
openvpn	openvpn	2.0_beta17	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta17:::::::*`
openvpn	openvpn	2.0_beta18	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta18:::::::*`
openvpn	openvpn	2.0_beta19	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta19:::::::*`
openvpn	openvpn	2.0_beta20	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta20:::::::*`
openvpn	openvpn	2.0_beta28	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_beta28:::::::*`
openvpn	openvpn	2.0_rc1	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc1:::::::*`
openvpn	openvpn	2.0_rc2	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc2:::::::*`
openvpn	openvpn	2.0_rc3	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc3:::::::*`
openvpn	openvpn	2.0_rc4	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc4:::::::*`
openvpn	openvpn	2.0_rc5	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc5:::::::*`
openvpn	openvpn	2.0_rc6	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc6:::::::*`
openvpn	openvpn	2.0_rc7	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc7:::::::*`
openvpn	openvpn	2.0_rc8	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc8:::::::*`
openvpn	openvpn	2.0_rc9	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc9:::::::*`
openvpn	openvpn	2.0_rc10	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc10:::::::*`
openvpn	openvpn	2.0_rc11	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc11:::::::*`
openvpn	openvpn	2.0_rc12	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc12:::::::*`
openvpn	openvpn	2.0_rc13	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc13:::::::*`
openvpn	openvpn	2.0_rc14	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc14:::::::*`
openvpn	openvpn	2.0_rc15	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc15:::::::*`
openvpn	openvpn	2.0_rc16	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc16:::::::*`
openvpn	openvpn	2.0_rc17	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc17:::::::*`
openvpn	openvpn	2.0_rc18	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc18:::::::*`
openvpn	openvpn	2.0_rc19	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc19:::::::*`
openvpn	openvpn	2.0_rc20	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc20:::::::*`
openvpn	openvpn	2.0_rc21	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_rc21:::::::*`
openvpn	openvpn	2.0_test1	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test1:::::::*`
openvpn	openvpn	2.0_test2	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test2:::::::*`
openvpn	openvpn	2.0_test3	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test3:::::::*`
openvpn	openvpn	2.0_test4	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test4:::::::*`
openvpn	openvpn	2.0_test5	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test5:::::::*`
openvpn	openvpn	2.0_test6	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test6:::::::*`
openvpn	openvpn	2.0_test7	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test7:::::::*`
openvpn	openvpn	2.0_test8	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test8:::::::*`
openvpn	openvpn	2.0_test9	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test9:::::::*`
openvpn	openvpn	2.0_test10	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test10:::::::*`
openvpn	openvpn	2.0_test11	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test11:::::::*`
openvpn	openvpn	2.0_test12	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test12:::::::*`
openvpn	openvpn	2.0_test14	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test14:::::::*`
openvpn	openvpn	2.0_test15	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test15:::::::*`
openvpn	openvpn	2.0_test16	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test16:::::::*`
openvpn	openvpn	2.0_test17	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test17:::::::*`
openvpn	openvpn	2.0_test18	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test18:::::::*`
openvpn	openvpn	2.0_test19	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test19:::::::*`
openvpn	openvpn	2.0_test20	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test20:::::::*`
openvpn	openvpn	2.0_test21	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test21:::::::*`
openvpn	openvpn	2.0_test22	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test22:::::::*`
openvpn	openvpn	2.0_test23	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test23:::::::*`
openvpn	openvpn	2.0_test24	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test24:::::::*`
openvpn	openvpn	2.0_test25	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test25:::::::*`
openvpn	openvpn	2.0_test26	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test26:::::::*`
openvpn	openvpn	2.0_test27	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test27:::::::*`
openvpn	openvpn	2.0_test29	-	-	`cpe:2.3:a:openvpn:openvpn:2.0_test29:::::::*`
openvpn	openvpn_access_server	2.0.1	-	-	`cpe:2.3:a:openvpn:openvpn_access_server:2.0.1:::::::*`
openvpn	openvpn_access_server	2.0.2	-	-	`cpe:2.3:a:openvpn:openvpn_access_server:2.0.2:::::::*`
openvpn	openvpn_access_server	2.0.5	-	-	`cpe:2.3:a:openvpn:openvpn_access_server:2.0.5:::::::*`
openvpn	openvpn_access_server	2.0.6	-	-	`cpe:2.3:a:openvpn:openvpn_access_server:2.0.6:::::::*`
openvpn	openvpn_access_server	2.0.7	-	-	`cpe:2.3:a:openvpn:openvpn_access_server:2.0.7:::::::*`

解决方案

中文解决方案:

（暂无数据）

英文解决方案:

（暂无数据）

临时解决方案:

（暂无数据）

参考链接

无标题 x_refsource_MISC
cve.org

访问

20060503 Re: OpenVPN 2.0.7 and below: Remote OpenVPN Management Interface Flaw mailing-list
cve.org

访问

20060503 Re: OpenVPN 2.0.7 and below: Remote OpenVPN Management Interface Flaw mailing-list
cve.org

访问

20060503 OpenVPN 2.0.7 and below: Remote OpenVPN Management Interface Flaw mailing-list
cve.org

访问

25660 vdb-entry
cve.org

访问

CVSS评分详情

4.0

MEDIUM

CVSS向量: AV:N/AC:H/Au:N/C:P/I:N/A:P

CVSS版本: 2.0

机密性

PARTIAL

完整性

NONE

可用性

PARTIAL

时间信息

发布时间:

2006-05-05 19:00:00

修改时间:

2024-08-07 17:43:28

创建时间:

2025-11-11 15:32:33

更新时间:

2025-11-11 15:49:06

利用信息

暂无可利用代码信息

数据源详情

数据源	记录ID	版本	提取时间
CVE	`cve_CVE-2006-2229`	2025-11-11 15:17:41	2025-11-11 07:32:33
NVD	`nvd_CVE-2006-2229`	2025-11-11 14:51:49	2025-11-11 07:41:19
CNNVD	`cnnvd_CNNVD-200605-102`	2025-11-11 15:08:51	2025-11-11 07:49:06

版本与语言

当前版本: v3

主要语言: EN

支持语言:

EN ZH

安全公告

暂无安全公告信息

变更历史

v3 CNNVD

2025-11-11 15:49:06

vulnerability_type: 未提取 → 其他; cnnvd_id: 未提取 → CNNVD-200605-102; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']

查看详细变更

vulnerability_type: 未提取 -> 其他
cnnvd_id: 未提取 -> CNNVD-200605-102
data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']

v2 NVD

2025-11-11 15:41:19

cvss_score: 未提取 → 4.0; cvss_vector: NOT_EXTRACTED → AV:N/AC:H/Au:N/C:P/I:N/A:P; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 85; data_sources: ['cve'] → ['cve', 'nvd']

查看详细变更

cvss_score: 未提取 -> 4.0
cvss_vector: NOT_EXTRACTED -> AV:N/AC:H/Au:N/C:P/I:N/A:P
cvss_version: NOT_EXTRACTED -> 2.0
affected_products_count: 0 -> 85
data_sources: ['cve'] -> ['cve', 'nvd']

CVE-2006-2229 (CNNVD-200605-102)

中文标题:

OpenVPN management管理接口TCP会话 信息泄露漏洞

英文标题:

OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127...

漏洞描述

中文描述:

英文描述:

CWE类型:

标签:

受影响产品

解决方案

中文解决方案:

英文解决方案:

临时解决方案:

参考链接

CVSS评分详情

时间信息

利用信息

数据源详情

版本与语言

安全公告

变更历史

OpenVPN management管理接口TCP会话信息泄露漏洞