Rewterz Threat Advisory – Multiple Palo Alto Security Vulnerabilities

September 10, 2021

Rewterz Threat Advisory – CVE-2021-38540 – Apache Airflow Security Vulnerability

September 10, 2021

Rewterz Threat Advisory – CVE-2021-3773 – OpenVPN for Linux and FreeBSD Security Vulnerability

September 10, 2021

Severity

High

Analysis Summary

CVE-2021-3773

OpenVPN for Linux and FreeBSD is vulnerable to a denial of service, caused by the lack of port sanity checking in natd and Netfilter. By sending specially-crafted packets, a remote attacker could exploit this vulnerability to cause a denial of service condition, deanonymization of clients, and redirection of connection to an attacker-controlled server.

Impact

Denial of Service
Information Disclosure

Affected Vendors

OpenVPN

Affected Products

OpenVPN OpenVPN 2.4.4

Remediation

Upgrade to the latest version of OpenVPN, available from the OpenVPN Web site. See References

Homepage

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Microsoft Entra Account Lockouts Triggered by Token Logging Error

SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs

SideWinder APT Group aka Rattlesnake – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – Multiple Palo Alto Security Vulnerabilities

Rewterz Threat Advisory – CVE-2021-38540 – Apache Airflow Security Vulnerability

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.