PT-2006-2627 · Openvpn · Openvpn

Hendrik Weimer · Published 2006-04-06 · Updated 2024-06-15 · CVE-2006-1629

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: OpenVPN versions 2.0 through 2.0.5
Description: The issue allows remote malicious servers to execute arbitrary code on the client. This is achieved by using the setenv function with the LD_PRELOAD environment variable, which can lead to code execution.
Recommendations: For OpenVPN versions 2.0 through 2.0.5, consider updating to a version where this issue is fixed, as using setenv with LD_PRELOAD can pose a significant risk. As a temporary workaround, consider restricting the use of the LD_PRELOAD environment variable in the client configuration to minimize the risk of exploitation.

Fix

Related identifiers

CVE-2006-1629
DSA-1045-1
OPENSUSE-SU-2024:11128-1

Affected products

Openvpn