CVE-2016-6329

OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
VendorProductVersion
openvpnopenvpn
𝑥
≤ 2.3.14
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openvpn
bullseye
unimportant
bookworm
unimportant
bookworm (security)
unimportant
sid
unimportant
trixie
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openvpn
hirsute
not-affected
groovy
not-affected
focal
not-affected
eoan
not-affected
disco
not-affected
cosmic
not-affected
bionic
not-affected
artful
not-affected
zesty
not-affected
yakkety
Fixed 2.3.11-1ubuntu2.1
released
xenial
Fixed 2.3.10-1ubuntu2.1
released
trusty
Fixed 2.3.2-7ubuntu3.2
released
precise
ignored
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697
http://www-01.ibm.com/support/docview.wss?uid=swg21991482
http://www-01.ibm.com/support/docview.wss?uid=swg21995039
http://www.securityfocus.com/bid/92631
http://www.securitytracker.com/id/1036695
https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf
https://community.openvpn.net/openvpn/wiki/SWEET32
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403
https://security.gentoo.org/glsa/201611-02
https://sweet32.info/
http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697
http://www-01.ibm.com/support/docview.wss?uid=swg21991482
http://www-01.ibm.com/support/docview.wss?uid=swg21995039
http://www.securityfocus.com/bid/92631
http://www.securitytracker.com/id/1036695
https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf
https://community.openvpn.net/openvpn/wiki/SWEET32
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403
https://security.gentoo.org/glsa/201611-02
https://sweet32.info/