CVE-2008-3459
Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted (1) lladdr and (2) iproute configuration directives, probably related to shell metacharacters.
Date published : 2008-08-04
http://www.securityfocus.com/bid/30532
http://openvpn.net/index.php/documentation/change-log/changelog-21.html