Name: Cyberfero s.r.l.
Price range: $$$

Home » [CVE-2017-5868] OpenVPN Access Server : CRLF injection with Session fixation

Tuesday, 23 May 2017 23:45 Piergiorgio Venuti

[CVE-2017-5868] OpenVPN Access Server : CRLF injection with Session fixation

RSS

Categories …

Backup as a Service (18)
- Acronis Cloud Backup (11)
- Veeam Cloud Connect (4)
Cloud Conference (3)
Cloud CRM (1)
Cloud Server/VPS (22)
Conferenza Cloud (4)
Cyberfero (15)
ICT Monitoring (5)
Log Management (2)
News (25)
ownCloud (4)
Privacy (7)
Security (203)
- Cyber Threat Intelligence (CTI) (8)
- Deception (4)
- Ethical Phishing (11)
- Netwrix Auditor (2)
- Penetration Test (11)
- Posture Guard (3)
- SOCaaS (65)
  - EDR (3)
  - SIEM (13)
  - SOAR (5)
  - UEBA (10)
- Vulnerabilities (84)
Web Hosting (15)

Full Disclosure

Alipay DeepLink+JSBridge Attack Chain: Silent GPS Exfiltration, 17 Vulns, 6 CVEs (CVSS 9.3) March 12, 2026
Posted by Feng Ning via Fulldisclosure on Mar 12Subject: Alipay DeepLink+JSBridge Attack Chain: Silent GPS Exfiltration, 17 Vulns, 6 CVEs (CVSS 9.3) # Alipay DeepLink + JSBridge Attack Chain # Silent GPS Exfiltration via Crafted URL ## Overview Researcher: Jiqiang Feng / Innora AI Security Research Vendor: Ant Group (蚂蚁集团) / Alibaba Group Product: Alipay […]
Cohesity TranZman Migration Appliance - 5 CVEs (command injection, LPE, unsigned patches, weak crypto) March 12, 2026
Posted by GregD via Fulldisclosure on Mar 12Hi, I'm disclosing five vulnerabilities discovered during an authorised security assessment of the Cohesity TranZman Migration Appliance (formerly Stone Ram TranZman), Release 4.0 Build 14614. CVE-2025-67840 - Web API Command Injection (CVSS 7.2 High) The /api/v1/scheduler/run and /api/v1/actions/run endpoints allow authenticated administrators to execute arbitrary commands as root […]
APPLE-SA-03-11-2026-2 iOS 15.8.7 and iPadOS 15.8.7 March 12, 2026
Posted by Apple Product Security via Fulldisclosure on Mar 12APPLE-SA-03-11-2026-2 iOS 15.8.7 and iPadOS 15.8.7 iOS 15.8.7 and iPadOS 15.8.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/126632. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Kernel Available for: iPhone 6s […]
APPLE-SA-03-11-2026-1 iOS 16.7.15 and iPadOS 16.7.15 March 12, 2026
Posted by Apple Product Security via Fulldisclosure on Mar 12APPLE-SA-03-11-2026-1 iOS 16.7.15 and iPadOS 16.7.15 iOS 16.7.15 and iPadOS 16.7.15 addresses the following issues. Information about the security content is also available at https://support.apple.com/126646. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. WebKit Available for: iPhone 8, […]
SEC Consult SA-20260224-0 :: Multiple vulnerabilities in CPSD CryptoPro Secure Disk for BitLocker (CVE-2025-10010) March 12, 2026
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Mar 12SEC Consult Vulnerability Lab Security Advisory < 20260224-0 > ======================================================================= title: Multiple vulnerabilities product: CPSD CryptoPro Secure Disk for BitLocker vulnerable version: 7.6.4.16432 (76212) fixed version: 7.6.6 / 7.7.1 CVE number: CVE-2025-10010 impact: […]
SEC Consult SA-20260218-0 :: Multiple Critical Vulnerabilities in NesterSoft WorkTime (on-prem/cloud) February 22, 2026
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Feb 22SEC Consult Vulnerability Lab Security Advisory < 20260218-0 > ======================================================================= title: Multiple Critical Vulnerabilities product: NesterSoft WorkTime (on-prem/cloud) vulnerable version:
[KIS-2026-04] SmarterMail <= 9518 (MailboxId) Reflected Cross-Site Scripting Vulnerability February 22, 2026
Posted by Egidio Romano on Feb 22---------------------------------------------------------------------------- SmarterMail
SEC Consult SA-20260212-0 :: Multiple Vulnerabilities in various Solax Power Pocket WiFi models February 16, 2026
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Feb 16SEC Consult Vulnerability Lab Security Advisory < 20260212-0 > ======================================================================= title: Multiple Vulnerabilities product: Various Solax Power Pocket WiFi models vulnerable version: See section below fixed version: See section below CVE number: […]
[Full Disclosure] CVE-2025-69690 & CVE-2025-69691 — Authenticated RCE in Netgate pfSense CE 2.7.2 and 2.8.0 February 16, 2026
Posted by privexploits via Fulldisclosure on Feb 16Advisory: Authenticated Remote Code Execution in pfSense CECVEs: CVE-2025-69690, CVE-2025-69691 Researcher: Nelson Adhepeau (privexploits () protonmail com) Date: February 2026 == RESPONSIBLE DISCLOSURE NOTICE == This advisory is published in accordance with responsible disclosure practices. The vendor was notified on December 2, 2025, acknowledged the reports, and indicated […]
APPLE-SA-02-11-2026-9 Safari 26.3 February 16, 2026
Posted by Apple Product Security via Fulldisclosure on Feb 16APPLE-SA-02-11-2026-9 Safari 26.3 Safari 26.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/126354. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. CFNetwork Available for: macOS Sonoma and macOS Sequoia Impact: A remote […]

Customers

Twitter FEED

Recent activity

SecureOnlineDesktop

Estimated reading time: 6 minutes L'impatto crescente delle minacce informatiche, su sistemi operativi privati op… https://t.co/FimxTS4o9G
SecureOnlineDesktop

Estimated reading time: 6 minutes The growing impact of cyber threats, on private or corporate operating systems… https://t.co/y6G6RYA9n1
SecureOnlineDesktop

Tempo di lettura stimato: 6 minuti Today we are talking about the CTI update of our services. Data security is… https://t.co/YAZkn7iFqa
SecureOnlineDesktop

Estimated reading time: 6 minutes Il tema della sicurezza delle informazioni è di grande attualità in questo peri… https://t.co/tfve5Kzr09
SecureOnlineDesktop

Estimated reading time: 6 minutes The issue of information security is very topical in this historical period ch… https://t.co/TP8gvdRcrF

{subscription_form_1}

Partners

Cloud Models

News

From Secure Online Desktop to Cyberfero: rebranding of the leading cybersecurity company May 6, 2024
NIS: what it is and how it protects cybersecurity April 22, 2024
Advanced persistent threats (APTs): what they are and how to defend yourself April 17, 2024
Penetration Testing and MFA: A Dual Strategy to Maximize Security April 15, 2024
Penetration Testing: Where to Strike to Protect Your IT Network March 25, 2024

Google Reviews

Secure Online Desktop s.r.l.

4.9

Based on 37 reviews

review us on

Riccardo Crocilli

14:02 22 Mar 19

Ho collaborato con Secure Online Desktop per importanti progetti IT. Si sono dimostrati negli anni partner seri, competenti e professionali , l' Azienda dimostra una grande esperienza maturata in tanti anni di consulenza e lavoro su contesti IT innovativi.
Davvero consigliata !!!!!
In particolare vorrei sottolineare la figura che piu’ racchiude e sintetizza le qualità della Secure Online Desktop , il suo AD Ing. Piergiorgio Venuti, professionista impagabile , sia dal punto di vista tecnico/organizzativo che soprattutto (e non dimeno) come persona , capace di gestire , risolvere e approcciare qualsivoglia attività/problematica, davvero un grande !!!!

Filippo Scavone

13:39 22 Mar 19

Dopo anni di collaborazione confermo la professionalità, competenza ed affidabilità

clickday at2016

13:36 22 Mar 19

Con lo studio di consulenza di cui sono socio, ATS – CONSULENTI ASSOCIATI S.r.l., collaboriamo già da alcuni anni, in materia di Sicurezza informatica in ambito GDPR, con la Secure Online Desktop. Si sono dimostrati partner seri, competenti e professionali sia su clienti PMI sia su Grandi imprese.

Paolo Ferrari

13:34 22 Mar 19

Professionali e competenti

Paolo Raimondi

11:08 21 Apr 18

La Polimatica Progetti Srl, azienda di cui sono titolare, collabora con soddisfazione da alcuni anni con Secure Online Desktop. L'Azienda è costituita da professionisti seri e competenti. Insieme a loro abbiamo costruito un sistema organizzato di soluzioni ICT, servizi e attività di consulenza per la compliance alla normativa in materia di protezione dei dati personali (GDPR)

Claudia Cavatorta

21:45 20 Apr 18

Ormai da anni lavoriamo con Secure Online Desktop e ci siamo trovati sempre molto bene. L'Azienda ha dimostrato disponibilità costante nel risolvere problemi ed esigenze che nel nostro tipo di lavoro si presentano molto frequentemente. Sempre puntuali nell'implementare le modifiche richieste e propositivi riguardo a soluzioni che possano apportare migliorie ad un sistema già ottimale. Per quanto riguarda il prodotto: la piattaforma che abbiamo a disposizione funziona molto bene, la connessione è veloce e siamo sicuri di conservare i nostri dati in assoluta sicurezza.

Omid Fazeli

06:59 20 Apr 18

They have a lot of solutions for any kind of business. Lower prices than many others. The support service is always active and efficient.

Miki A.

13:47 16 Apr 18

Prodotti eccellenti, a partire dai classici hosting, sino a VPS e cloud strutturati.
Tempi veloci e staff preparato!

More reviews

Facebook

Secure Online Desktop s.r.l.

5.0

Based on 12 reviews

review us on

Paolo Raimondi

11:06 21 Apr 18

recommendsLa Polimatica Progetti Srl, azienda di... cui sono titolare, collabora con soddisfazione da alcuni anni con Secure Online Desktop. L'Azienda è costituita da professionisti seri e competenti. Insieme a loro abbiamo costruito un sistema organizzato di soluzioni ICT, servizi e attività di consulenza per la compliance alla normativa in materia di protezione dei dati personali (GDPR).read more

Ilaria Miglietta

04:16 21 Apr 18

recommendsServizi affidabili e di semplice... utilizzo. I loro tecnici molto attenti alle esigenze del cliente, continuate cosìread more

Francesca Marastoni

11:41 20 Apr 18

recommendsExcellent service company with... wonderful stuff. Highly recommended.

Ottima azienda, servizi molto utili, staff qualificato e competente. Raccomandata!read more

Alessio Liga

08:25 20 Apr 18

recommendsServizi di alto livello, competenti e... disponibili a accettare nuove sfide per sviluppare business
Ottimo supportoread more

Matteo Revelli

22:39 19 Apr 18

recommendsOttima azienda, offre servizi di alta... qualità con personale competente e disponibile.read more

Lorenzo Munari

16:25 19 Apr 18

recommendsAzienda molto seria e... affidabile.

E' un piacere poter collaborare con realtà di questo tiporead more

Francisco Amadi

10:41 19 Apr 18

recommendsHo avuto il piacere di collaborare con... loro e spero vivamente che succeda di nuovo. Competenti, professionali, precisi e cordiali!read more

Davide Michelotto

07:42 19 Apr 18

recommendsOttimo servizio, seri professionisti al... timone della società e celerità nei tempi di risposta, oltre ogni aspettativa.read more

Gabriele Petralia

12:28 18 Apr 18

recommends

Luca Prati

10:12 18 Apr 18

recommendsAzienda eccellente, consulenza... customizzata e puntuale.
Un ottimo fornitore.
Io personalmente ho parlato con l' Ing. Venuti, valore aggiunto indubbiamente.read more

Valerio Lezza

21:35 17 Apr 18

recommends

Daniela Cospito Di Leo

21:20 17 Apr 18

recommends

More Reviews

About

© 2024 Cyberfero s.r.l. All Rights Reserved. Sede Legale: via Statuto 3 - 42121 Reggio Emilia (RE) – PEC [email protected] Cod. fiscale e P.IVA 03058120357 – R.E.A. 356650 Informativa Privacy - Certificazioni ISO

Cloud Server

Web Hosting

Cloud Conference

Cloud CRM for Call Center

ICT consulting

ownCloud

BaaS | Cloud Backup | Backup as a Service

Log Management

ICT Monitoring Service

Next Generation SIEM

Ethical Phishing

Business VPN

Software development service

SEO services

Forum Web

Internal area

Business Continuity Audit

Vulnerability Assessment and Penetration test

GDPR & Privacy

Managed Service

Backup as a Service

Cloud CRM

Cloud Server/VPS

Cyberfero

Security

Web Hosting

ICT Monitoring

Log Management

Privacy

Events

Cyberfero – Company

Contacts

[CVE-2017-5868] OpenVPN Access Server : CRLF injection with Session fixation

[CVE-2017-5868] OpenVPN Access Server : CRLF injection with Session fixation

Share

RSS

More Articles…

Categories …

Tags

Unknown Feed

Full Disclosure

Customers

Twitter FEED

Recent activity

Newsletter

Products and Solutions

Partners

Cloud Models

News

Google Reviews

Facebook

About