The OpenVPN 2.4.0 Audit by OSTIF and QuarksLab Results
OpenVPN 2.4.0, the NDIS6 TAP Driver for Windows, the Windows GUI, and Linux versions were evaluated. This release included a number of new features including control channel encryption. QuarksLab found: 1 Critical/High Vulnerability CVE-2017-7478 1 Medium Vulnerability CVE-2017-7479 5 Low or Informational Vulnerabilities / Concerns This public disclosure of these vulnerabilities coincides with the release of OpenVPN 2.4.2 which fixes…