Vulnerabilities related to stunnel - stunnel
Vulnerability from fkie_nvd
Published
2008-05-22 13:09
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:stunnel:stunnel:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E27CAA87-6971-4CFB-8299-931952B5157D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "579E37FC-51E6-4ECA-B05F-F4468772496B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "0B56E5F0-6FFC-4188-AF11-F7583253F56E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "8797A96C-B660-45DC-B218-38B8DB85B451", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "B01D02DC-F570-47CE-AC1B-37DFEC9C1A28", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "B283AD3E-A27E-4B76-BEA8-05334DBF0A88", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "69F0D8C8-3BCE-4AF7-953B-CEA2633E4179", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "503A7976-C3A6-447A-9531-0DB699C4A625", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BAFC4E2-FDB5-489C-B9C3-DF13A5186FA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "0D60C3DB-4185-484A-8275-D3541A40C046", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "0FB236EF-0F97-4656-AB49-1D7829A63FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b1:*:*:*:*:*:*", "matchCriteriaId": "3073CCF6-5312-4FB2-AA43-D3B285EE32C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b2:*:*:*:*:*:*", "matchCriteriaId": "49E5FD63-32E3-4C40-A55C-B70546FDD866", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b3:*:*:*:*:*:*", "matchCriteriaId": 
"0B6444AC-588D-4154-B78E-3EB34129F1BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b4:*:*:*:*:*:*", "matchCriteriaId": "EC36154E-6006-45BB-A7CB-5293195602CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b5:*:*:*:*:*:*", "matchCriteriaId": "12C931B9-DDBE-4E94-8361-6A4D55886CF2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b6:*:*:*:*:*:*", "matchCriteriaId": "3EBE0C35-0FB9-44D6-8FA2-8712A2BF9A60", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b7:*:*:*:*:*:*", "matchCriteriaId": "5FFA8AD2-CAE2-4818-9D0C-0C32E62F3A59", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "F4CA2A0A-B7DE-49DD-940D-C19801CF5D55", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0D68D250-CA5B-4311-AF3C-48605948A067", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "2E4A0103-713D-4E56-B32F-EB1649F26EE7", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*", "matchCriteriaId": "7D009335-E83C-4B35-ADB0-CBD6B82C0EA3", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "7F4B0933-7D3A-43C9-9E42-FF5DAE94EDEA", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:*", "matchCriteriaId": "F317B556-717B-46B9-A81E-63FC61723B72", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*", "matchCriteriaId": "185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*", "matchCriteriaId": "400FE849-D547-44DE-B06F-5B68E5B20E07", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p1:*:*:*:*:*:*", "matchCriteriaId": "E0845ED5-9C1A-4F1F-B6E5-AAF8B6893A28", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p2:*:*:*:*:*:*", "matchCriteriaId": 
"1A23EB22-BD30-4FA3-9BAA-0B4B65C49F81", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p3:*:*:*:*:*:*", "matchCriteriaId": "6EB00100-8EF0-463E-9C17-05525B7B5852", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p4:*:*:*:*:*:*", "matchCriteriaId": "466B14A9-B16C-41F3-B2A0-C3194A6D1C1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*", "matchCriteriaId": "C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*", "matchCriteriaId": "B256301B-9C6A-4BA6-8318-675C0EF4C316", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*", "matchCriteriaId": "EC33DAEE-8F51-404F-B5C4-B8A30B467E94", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*", "matchCriteriaId": "1FCDC66D-3BF5-4763-8877-38B0D3326E62", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*", "matchCriteriaId": "75772E28-BD93-4981-96FA-CDF41DAF65AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*", "matchCriteriaId": "2415230E-4F66-4DDE-9E34-F685E8F4085A", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*", "matchCriteriaId": "5121749D-3E19-4A9B-8C2D-84420A4E289B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*", "matchCriteriaId": "6E14DE44-69E6-4D0E-AD06-A829AFCDE528", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*", "matchCriteriaId": "3D5B202D-D93D-4E33-BC9F-DA44B727C0B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*", "matchCriteriaId": "CCC62D42-832D-4E6E-93D9-E7BA0CBC7799", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*", "matchCriteriaId": "B5D49F98-9A24-464A-8695-58218C14B3DC", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*", 
"matchCriteriaId": "ADFFE78D-90EC-46C6-B215-2EADD9E0D146", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*", "matchCriteriaId": "6132108C-C344-4ABC-AF40-1925830A6723", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*", "matchCriteriaId": "8362D330-E286-4534-8560-B4B38E21767F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*", "matchCriteriaId": "D0496D60-BE45-45FF-B360-60E59443DB96", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*", "matchCriteriaId": "DA2EA0D4-05B6-4500-9374-74BBDAB6001F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*", "matchCriteriaId": "F16BDA03-BFAB-4839-A83A-370865928225", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*", "matchCriteriaId": "EB5A2E06-A98E-409C-9A90-460AF4CCF101", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6FC396CE-FDA7-480C-9E94-1A26B7FB208E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*", "matchCriteriaId": "C7B30722-13DD-41C5-9CFA-0719B351CF46", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*", "matchCriteriaId": "722BA04D-BA9B-427C-B129-06EFEC3F2859", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*", "matchCriteriaId": "2891FF7D-E62E-47F4-8873-1E4066247348", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*", "matchCriteriaId": "6A129110-60C1-46FC-9817-6E3802ADB389", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:*", "matchCriteriaId": "AF52167B-1109-4E02-A02F-17465F4C47FD", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:*", "matchCriteriaId": "61536049-1C52-42E2-96DC-E5FF88BCC850", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:*", "matchCriteriaId": "AE0EE4B5-C9D3-4DF1-B7B7-377B281FA313", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:*", "matchCriteriaId": "2811F3BC-03F8-4781-8D01-BAAE1BDE8895", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:*", "matchCriteriaId": "82C4D865-9641-4E28-935C-BDCBDB9C2CEB", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:*", "matchCriteriaId": "2BF1DADF-BD26-41CF-BFA3-3C2928CDF9F7", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:*", "matchCriteriaId": "75CF8185-A8FC-4EEE-B937-34924834AB43", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:*", "matchCriteriaId": "A1561B7D-78BC-4910-85F4-113E84B97B3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:*", "matchCriteriaId": "63DDF225-57D2-40E5-9BCA-672FBB3E2A6C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:*", "matchCriteriaId": "04043E99-5F67-4FE9-89FC-695B981FBD5D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:*", "matchCriteriaId": "FD11753B-1993-4DE5-B172-AF4839B5620E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:*", "matchCriteriaId": "711059F5-ACB3-4D2A-931F-BA1C4422FC8E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:*", "matchCriteriaId": "5DDB6C42-0837-462B-BE2B-11A81B43C590", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:*", "matchCriteriaId": "5EEAAF27-156A-40FF-ADBF-79D851E744AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:*", "matchCriteriaId": "EB202677-DDC6-42D1-9A90-CD4A79198553", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:*", "matchCriteriaId": "F2C3EF02-B456-4506-94E8-5C41CB4FF69B", "vulnerable": true }, { 
"criteria": "cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*", "matchCriteriaId": "B07502AA-E3E7-4143-B194-7C366CEA4A28", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*", "matchCriteriaId": "97C554E8-62F4-4C73-821D-AB93D8EE841C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors." }, { "lang": "es", "value": "Vulnerabilidad sin especificar en stunnel anterior a 4.23, cuando es ejecutado como un servicio en Windows, permite a usuarios locales obtener privilegios a trav\u00e9s de vectores de ataque desconocidos." } ], "id": "CVE-2008-2400", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-05-22T13:09:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30297" }, { "source": "cve@mitre.org", "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/29285" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1020049" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1568/references" }, { "source": "cve@mitre.org", 
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42526" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30297" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/29285" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1020049" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1568/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42526" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-05-12 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*", "matchCriteriaId": "6A129110-60C1-46FC-9817-6E3802ADB389", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter." }, { "lang": "es", "value": "stunnerl 4.04 permite a atacantes causar una denegaci\u00f3n de servicio (ca\u00edda) debida a condiciones de carrera en el manejador de la se\u00f1al SIGCHLD que causa una inconsistencia en el contador de hijos." } ], "id": "CVE-2002-1563", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-05-12T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000736" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=104247606910598" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=106029168514511\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=stunnel-users\u0026m=103600188215117\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3535.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" 
], "url": "http://www.redhat.com/support/errata/RHSA-2003-221.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-223.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/6592" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000736" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=104247606910598" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=106029168514511\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=stunnel-users\u0026m=103600188215117\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3535.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-221.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-223.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/6592" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-02-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:stunnel:stunnel:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "2E4A0103-713D-4E56-B32F-EB1649F26EE7", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*", "matchCriteriaId": "7D009335-E83C-4B35-ADB0-CBD6B82C0EA3", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*", "matchCriteriaId": "185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*", "matchCriteriaId": "400FE849-D547-44DE-B06F-5B68E5B20E07", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username." } ], "id": "CVE-2001-0060", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-02-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0337.html" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000363" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2001/dsa-009" }, { "source": "cve@mitre.org", "url": 
"http://www.redhat.com/support/errata/RHSA-2000-129.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/151719" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2128" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5807" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0337.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000363" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2001/dsa-009" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-129.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/151719" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2128" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5807" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-05-14 00:59
Modified
2025-04-12 10:46
Severity ?
Summary
Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
stunnel | stunnel | 5.00 | |
stunnel | stunnel | 5.01 | |
stunnel | stunnel | 5.02 | |
stunnel | stunnel | 5.03 | |
stunnel | stunnel | 5.04 | |
stunnel | stunnel | 5.05 | |
stunnel | stunnel | 5.06 | |
stunnel | stunnel | 5.07 | |
stunnel | stunnel | 5.08 | |
stunnel | stunnel | 5.09 | |
stunnel | stunnel | 5.10 | |
stunnel | stunnel | 5.11 | |
stunnel | stunnel | 5.12 | |
stunnel | stunnel | 5.13 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:stunnel:stunnel:5.00:*:*:*:*:*:*:*", "matchCriteriaId": "86A9A9F5-B193-44DC-88EF-D0409AB2CD42", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:5.01:*:*:*:*:*:*:*", "matchCriteriaId": "4AD482D3-F96B-41EB-BEF2-ED59A2B2E77B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:5.02:*:*:*:*:*:*:*", "matchCriteriaId": "79CCAF8F-FAB6-40B5-8752-0E5AA6CDC0CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:5.03:*:*:*:*:*:*:*", "matchCriteriaId": "59AE589F-7747-4F46-A58F-608AB7110B46", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:5.04:*:*:*:*:*:*:*", "matchCriteriaId": "14F8AE5A-BCBB-4F41-862D-D930CAA67B61", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:5.05:*:*:*:*:*:*:*", "matchCriteriaId": "E881D0A8-5BA1-41FC-9743-262CAB3BCD08", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:5.06:*:*:*:*:*:*:*", "matchCriteriaId": "5636BFAF-4A5C-4002-B6BB-75B6F6BD534D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:5.07:*:*:*:*:*:*:*", "matchCriteriaId": "C9B042A1-00CF-40CD-BAA2-1E2FFBE6FEE6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:5.08:*:*:*:*:*:*:*", "matchCriteriaId": "26F8ECBC-35ED-4736-9EA3-E439747E4249", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:5.09:*:*:*:*:*:*:*", "matchCriteriaId": "5A40647D-D3F4-4BB8-9A20-66366E330EF4", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:5.10:*:*:*:*:*:*:*", "matchCriteriaId": "D933945A-4FFE-4A90-B5A7-D375E36F5D90", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:5.11:*:*:*:*:*:*:*", "matchCriteriaId": "9B9E126F-CC19-4C4D-BB98-D4A21D7B84C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:5.12:*:*:*:*:*:*:*", "matchCriteriaId": "60862632-E37E-40D4-8153-FE82CFD0E011", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:5.13:*:*:*:*:*:*:*", "matchCriteriaId": 
"D2774924-2867-42CF-AFFB-996809126E31", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication." }, { "lang": "es", "value": "Stunnel 5.00 hasta 5.13, cuando utiliza la opci\u00f3n de redirecci\u00f3n, no redirige las conexiones de clientes al servidor esperado despu\u00e9s de la conexi\u00f3n inicial, lo que permite a atacantes remotos evadir la autenticaci\u00f3n." } ], "id": "CVE-2015-3644", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-05-14T00:59:06.147", "references": [ { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2015/dsa-3299" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/74659" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1032324" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://www.stunnel.org/CVE-2015-3644.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3299" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/74659" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.securitytracker.com/id/1032324" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://www.stunnel.org/CVE-2015-3644.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-284" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-03-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
openpkg | openpkg | * | |
openpkg | openpkg | 1.1 | |
openpkg | openpkg | 1.2 | |
openssl | openssl | 0.9.6 | |
openssl | openssl | 0.9.6a | |
openssl | openssl | 0.9.6b | |
openssl | openssl | 0.9.6c | |
openssl | openssl | 0.9.6d | |
openssl | openssl | 0.9.6e | |
openssl | openssl | 0.9.6g | |
openssl | openssl | 0.9.6h | |
openssl | openssl | 0.9.6i | |
openssl | openssl | 0.9.7 | |
openssl | openssl | 0.9.7a | |
stunnel | stunnel | 3.7 | |
stunnel | stunnel | 3.8 | |
stunnel | stunnel | 3.9 | |
stunnel | stunnel | 3.10 | |
stunnel | stunnel | 3.11 | |
stunnel | stunnel | 3.12 | |
stunnel | stunnel | 3.13 | |
stunnel | stunnel | 3.14 | |
stunnel | stunnel | 3.15 | |
stunnel | stunnel | 3.16 | |
stunnel | stunnel | 3.17 | |
stunnel | stunnel | 3.18 | |
stunnel | stunnel | 3.19 | |
stunnel | stunnel | 3.20 | |
stunnel | stunnel | 3.21 | |
stunnel | stunnel | 3.22 | |
stunnel | stunnel | 4.0 | |
stunnel | stunnel | 4.01 | |
stunnel | stunnel | 4.02 | |
stunnel | stunnel | 4.03 | |
stunnel | stunnel | 4.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*", "matchCriteriaId": "F74941A0-97CA-44D4-B55B-9224F051D40F", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "85CCF640-211C-4EC0-9F41-68F5B39CA3F7", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6ADD463-E918-4F4D-9FA7-D109EBC98BD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "B5E4742C-A983-4F00-B24F-AB280C0E876D", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", "matchCriteriaId": "8A0628DF-3A4C-4078-B615-22260671EABF", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", "matchCriteriaId": "962FCB86-15AD-4399-8B7D-EC1DEA919C59", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", 
"matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*", "matchCriteriaId": "185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*", "matchCriteriaId": "400FE849-D547-44DE-B06F-5B68E5B20E07", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*", "matchCriteriaId": "C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*", "matchCriteriaId": "B256301B-9C6A-4BA6-8318-675C0EF4C316", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*", "matchCriteriaId": "EC33DAEE-8F51-404F-B5C4-B8A30B467E94", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*", "matchCriteriaId": "1FCDC66D-3BF5-4763-8877-38B0D3326E62", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*", "matchCriteriaId": "75772E28-BD93-4981-96FA-CDF41DAF65AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*", "matchCriteriaId": "2415230E-4F66-4DDE-9E34-F685E8F4085A", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*", "matchCriteriaId": "5121749D-3E19-4A9B-8C2D-84420A4E289B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*", "matchCriteriaId": "6E14DE44-69E6-4D0E-AD06-A829AFCDE528", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*", "matchCriteriaId": "3D5B202D-D93D-4E33-BC9F-DA44B727C0B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*", "matchCriteriaId": "CCC62D42-832D-4E6E-93D9-E7BA0CBC7799", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*", "matchCriteriaId": "B5D49F98-9A24-464A-8695-58218C14B3DC", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*", 
"matchCriteriaId": "ADFFE78D-90EC-46C6-B215-2EADD9E0D146", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*", "matchCriteriaId": "6132108C-C344-4ABC-AF40-1925830A6723", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*", "matchCriteriaId": "F16BDA03-BFAB-4839-A83A-370865928225", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6FC396CE-FDA7-480C-9E94-1A26B7FB208E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*", "matchCriteriaId": "C7B30722-13DD-41C5-9CFA-0719B351CF46", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*", "matchCriteriaId": "722BA04D-BA9B-427C-B129-06EFEC3F2859", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*", "matchCriteriaId": "2891FF7D-E62E-47F4-8873-1E4066247348", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*", "matchCriteriaId": "6A129110-60C1-46FC-9817-6E3802ADB389", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server\u0027s private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal)." 
} ], "id": "CVE-2003-0147", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-03-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html" }, { "source": "cve@mitre.org", "url": "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000625" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=104766550528628\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=104792570615648\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=104819602408063\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=104829040921835\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=104861762028637\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-288" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml" }, { "source": "cve@mitre.org", "tags": [ "Third 
Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/997481" }, { "source": "cve@mitre.org", "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035" }, { "source": "cve@mitre.org", "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html" }, { "source": "cve@mitre.org", "url": "http://www.openssl.org/news/secadv_20030317.txt" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-101.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-102.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/316165/30/25370/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/316165/30/25370/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/316577/30/25310/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/316577/30/25310/threaded" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000625" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=104766550528628\u0026w=2" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=104792570615648\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=104819602408063\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=104829040921835\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=104861762028637\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-288" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/997481" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openssl.org/news/secadv_20030317.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-101.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-102.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/316165/30/25370/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/316165/30/25370/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/316577/30/25310/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.securityfocus.com/archive/1/316577/30/25310/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-05-23 15:32
Modified
2025-04-09 00:30
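Severity: MEDIUM (CVSS v2.0 base score 6.8, vector AV:N/AC:M/Au:N/C:P/I:P/A:P, as scored by nvd@nist.gov in the record below)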
Summary
The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*", "matchCriteriaId": "7D009335-E83C-4B35-ADB0-CBD6B82C0EA3", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "7F4B0933-7D3A-43C9-9E42-FF5DAE94EDEA", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:*", "matchCriteriaId": "F317B556-717B-46B9-A81E-63FC61723B72", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*", "matchCriteriaId": "185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*", "matchCriteriaId": "400FE849-D547-44DE-B06F-5B68E5B20E07", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p1:*:*:*:*:*:*:*", "matchCriteriaId": "E4AEA6DC-1A98-433F-B916-597395D5914A", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p2:*:*:*:*:*:*:*", "matchCriteriaId": "DB24165B-92FD-48BA-94C3-87A922DDC6E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p3:*:*:*:*:*:*:*", "matchCriteriaId": "B04F4BE4-34DE-4B8A-A1F1-32D12D33A5AC", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p4:*:*:*:*:*:*:*", "matchCriteriaId": "A04CF19D-9C30-4433-A5E2-F3949479BE36", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*", "matchCriteriaId": "C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*", "matchCriteriaId": "B256301B-9C6A-4BA6-8318-675C0EF4C316", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*", "matchCriteriaId": "EC33DAEE-8F51-404F-B5C4-B8A30B467E94", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*", "matchCriteriaId": "1FCDC66D-3BF5-4763-8877-38B0D3326E62", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*", "matchCriteriaId": 
"75772E28-BD93-4981-96FA-CDF41DAF65AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*", "matchCriteriaId": "2415230E-4F66-4DDE-9E34-F685E8F4085A", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*", "matchCriteriaId": "5121749D-3E19-4A9B-8C2D-84420A4E289B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*", "matchCriteriaId": "6E14DE44-69E6-4D0E-AD06-A829AFCDE528", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*", "matchCriteriaId": "3D5B202D-D93D-4E33-BC9F-DA44B727C0B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*", "matchCriteriaId": "CCC62D42-832D-4E6E-93D9-E7BA0CBC7799", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*", "matchCriteriaId": "B5D49F98-9A24-464A-8695-58218C14B3DC", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*", "matchCriteriaId": "ADFFE78D-90EC-46C6-B215-2EADD9E0D146", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*", "matchCriteriaId": "6132108C-C344-4ABC-AF40-1925830A6723", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*", "matchCriteriaId": "8362D330-E286-4534-8560-B4B38E21767F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*", "matchCriteriaId": "D0496D60-BE45-45FF-B360-60E59443DB96", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*", "matchCriteriaId": "DA2EA0D4-05B6-4500-9374-74BBDAB6001F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*", "matchCriteriaId": "F16BDA03-BFAB-4839-A83A-370865928225", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.23:*:*:*:*:*:*:*", "matchCriteriaId": "CDC6F568-DB15-40BD-906B-A4ED4804C40A", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*", 
"matchCriteriaId": "EB5A2E06-A98E-409C-9A90-460AF4CCF101", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.25:*:*:*:*:*:*:*", "matchCriteriaId": "9DF66986-248A-4EE8-B60F-182C774A4066", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.26:*:*:*:*:*:*:*", "matchCriteriaId": "BB8991F3-A5F5-41EE-8809-31E09BAC4DCB", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.00:*:*:*:*:*:*:*", "matchCriteriaId": "CD371A76-9729-487E-AA15-775FFEBE3473", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*", "matchCriteriaId": "C7B30722-13DD-41C5-9CFA-0719B351CF46", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*", "matchCriteriaId": "722BA04D-BA9B-427C-B129-06EFEC3F2859", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*", "matchCriteriaId": "2891FF7D-E62E-47F4-8873-1E4066247348", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*", "matchCriteriaId": "6A129110-60C1-46FC-9817-6E3802ADB389", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:*", "matchCriteriaId": "AF52167B-1109-4E02-A02F-17465F4C47FD", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:*", "matchCriteriaId": "61536049-1C52-42E2-96DC-E5FF88BCC850", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:*", "matchCriteriaId": "AE0EE4B5-C9D3-4DF1-B7B7-377B281FA313", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:*", "matchCriteriaId": "2811F3BC-03F8-4781-8D01-BAAE1BDE8895", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:*", "matchCriteriaId": "82C4D865-9641-4E28-935C-BDCBDB9C2CEB", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:*", "matchCriteriaId": "2BF1DADF-BD26-41CF-BFA3-3C2928CDF9F7", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:*", "matchCriteriaId": "75CF8185-A8FC-4EEE-B937-34924834AB43", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:*", "matchCriteriaId": "A1561B7D-78BC-4910-85F4-113E84B97B3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:*", "matchCriteriaId": "63DDF225-57D2-40E5-9BCA-672FBB3E2A6C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:*", "matchCriteriaId": "04043E99-5F67-4FE9-89FC-695B981FBD5D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:*", "matchCriteriaId": "FD11753B-1993-4DE5-B172-AF4839B5620E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:*", "matchCriteriaId": "711059F5-ACB3-4D2A-931F-BA1C4422FC8E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:*", "matchCriteriaId": "5DDB6C42-0837-462B-BE2B-11A81B43C590", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:*", "matchCriteriaId": "5EEAAF27-156A-40FF-ADBF-79D851E744AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:*", "matchCriteriaId": "EB202677-DDC6-42D1-9A90-CD4A79198553", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:*", "matchCriteriaId": "F2C3EF02-B456-4506-94E8-5C41CB4FF69B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*", "matchCriteriaId": "B07502AA-E3E7-4143-B194-7C366CEA4A28", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*", "matchCriteriaId": "97C554E8-62F4-4C73-821D-AB93D8EE841C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*", "matchCriteriaId": "061A0C84-B26C-4ED6-9771-8B7D29DB7053", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The OCSP functionality in stunnel before 4.24 does 
not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates." }, { "lang": "es", "value": "Vulnerabilidad en la funcionalidad OCSP en stunnel anteriores a 4.24 no busca de forma adecuada la lista de revocaci\u00f3n de certificado (CRL), que permite a atacantes remotos intentar saltarse las restricciones de acceso utilizando certificados revocados.\r\n" } ], "id": "CVE-2008-2420", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-05-23T15:32:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30335" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30425" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31438" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml" }, { "source": "cve@mitre.org", "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/29309" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1569/references" }, { "source": "cve@mitre.org", "url": 
"https://exchange.xforce.ibmcloud.com/vulnerabilities/42528" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30335" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31438" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/29309" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1569/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { 
"comment": "Not vulnerable. OCSP protocol support was only implemented in upstream stunnel version 4.16. Therefore OCSP protocol is not available in the versions of stunnel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.\n\n", "lastModified": "2008-05-26T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-01-31 05:00
Modified
2025-04-03 01:03
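Severity: HIGH (CVSS v2.0 base score 7.5, vector AV:N/AC:L/Au:N/C:P/I:P/A:P, as scored by nvd@nist.gov in the record below)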
Summary
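Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code. Note: the impacted-products list below also marks 3.22 and 3.24 as vulnerable, which does not match "before 3.22"; confirm the fixed version against the vendor advisory before relying on either for version matching.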
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
stunnel | stunnel | 3.3 | |
stunnel | stunnel | 3.4a | |
stunnel | stunnel | 3.7 | |
stunnel | stunnel | 3.8 | |
stunnel | stunnel | 3.9 | |
stunnel | stunnel | 3.10 | |
stunnel | stunnel | 3.11 | |
stunnel | stunnel | 3.12 | |
stunnel | stunnel | 3.13 | |
stunnel | stunnel | 3.14 | |
stunnel | stunnel | 3.15 | |
stunnel | stunnel | 3.16 | |
stunnel | stunnel | 3.17 | |
stunnel | stunnel | 3.18 | |
stunnel | stunnel | 3.19 | |
stunnel | stunnel | 3.20 | |
stunnel | stunnel | 3.21 | |
stunnel | stunnel | 3.21a | |
stunnel | stunnel | 3.21b | |
stunnel | stunnel | 3.21c | |
stunnel | stunnel | 3.22 | |
stunnel | stunnel | 3.24 | |
engardelinux | secure_linux | 1.0.1 | |
mandrakesoft | mandrake_linux | 8.1 | |
redhat | linux | 7.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:stunnel:stunnel:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "2E4A0103-713D-4E56-B32F-EB1649F26EE7", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*", "matchCriteriaId": "7D009335-E83C-4B35-ADB0-CBD6B82C0EA3", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*", "matchCriteriaId": "185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*", "matchCriteriaId": "400FE849-D547-44DE-B06F-5B68E5B20E07", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*", "matchCriteriaId": "C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*", "matchCriteriaId": "B256301B-9C6A-4BA6-8318-675C0EF4C316", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*", "matchCriteriaId": "EC33DAEE-8F51-404F-B5C4-B8A30B467E94", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*", "matchCriteriaId": "1FCDC66D-3BF5-4763-8877-38B0D3326E62", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*", "matchCriteriaId": "75772E28-BD93-4981-96FA-CDF41DAF65AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*", "matchCriteriaId": "2415230E-4F66-4DDE-9E34-F685E8F4085A", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*", "matchCriteriaId": "5121749D-3E19-4A9B-8C2D-84420A4E289B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*", "matchCriteriaId": "6E14DE44-69E6-4D0E-AD06-A829AFCDE528", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*", "matchCriteriaId": "3D5B202D-D93D-4E33-BC9F-DA44B727C0B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*", "matchCriteriaId": 
"CCC62D42-832D-4E6E-93D9-E7BA0CBC7799", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*", "matchCriteriaId": "B5D49F98-9A24-464A-8695-58218C14B3DC", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*", "matchCriteriaId": "ADFFE78D-90EC-46C6-B215-2EADD9E0D146", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*", "matchCriteriaId": "6132108C-C344-4ABC-AF40-1925830A6723", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*", "matchCriteriaId": "8362D330-E286-4534-8560-B4B38E21767F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*", "matchCriteriaId": "D0496D60-BE45-45FF-B360-60E59443DB96", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*", "matchCriteriaId": "DA2EA0D4-05B6-4500-9374-74BBDAB6001F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*", "matchCriteriaId": "F16BDA03-BFAB-4839-A83A-370865928225", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*", "matchCriteriaId": "EB5A2E06-A98E-409C-9A90-460AF4CCF101", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:engardelinux:secure_linux:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "79A6E38E-9BC6-4CD7-ABC6-754C9DB07DB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary 
code." }, { "lang": "es", "value": "Vulnerabilidad en el formateado de cadenas en stunnel anterior a la 3.22 cuando se usa en modo cliente para smtp, pop o nntp permite que servidores remotos maliciosos ejecuten c\u00f3digo arbitrario." } ], "id": "CVE-2002-0002", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-01-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://online.securityfocus.com/archive/1/247427" }, { "source": "cve@mitre.org", "url": "http://online.securityfocus.com/archive/1/248149" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://stunnel.mirt.net/news.html" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-002.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3748" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7741" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://online.securityfocus.com/archive/1/247427" 
}, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://online.securityfocus.com/archive/1/248149" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://stunnel.mirt.net/news.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/3748" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7741" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-08-25 14:22
Modified
2025-04-11 00:51
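Severity: HIGH (CVSS v2.0 base score 9.3, vector AV:N/AC:M/Au:N/C:C/I:C/A:C, as scored by nvd@nist.gov in the record below)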
Summary
stunnel 4.40 and 4.41 might allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:stunnel:stunnel:4.40:*:*:*:*:*:*:*", "matchCriteriaId": "D8E83FE3-B2C1-4DDB-8BD4-48A1DCD25496", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.41:*:*:*:*:*:*:*", "matchCriteriaId": "7F82A3BF-F540-4C6B-846F-4E614849EDC8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "stunnel 4.40 and 4.41 might allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors." }, { "lang": "es", "value": "stunnel v4.40 y v4.41 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria din\u00e1mica) a trav\u00e9s de vectores no especificados" } ], "id": "CVE-2011-2940", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2011-08-25T14:22:47.303", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/45705" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1025959" }, { "source": "secalert@redhat.com", "url": "http://stunnel.org/?page=sdf_ChangeLog" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2011/08/19/18" }, { "source": "secalert@redhat.com", "url": 
"http://www.openwall.com/lists/oss-security/2011/08/19/6" }, { "source": "secalert@redhat.com", "url": "http://www.osvdb.org/74600" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/49254" }, { "source": "secalert@redhat.com", "url": "http://www.stunnel.org/pipermail/stunnel-announce/2011-August/000059.html" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732068" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/45705" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1025959" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://stunnel.org/?page=sdf_ChangeLog" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2011/08/19/18" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2011/08/19/6" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/74600" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/49254" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.stunnel.org/pipermail/stunnel-announce/2011-August/000059.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69318" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-03-08 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
stunnel | stunnel | * | |
stunnel | stunnel | 4.21 | |
stunnel | stunnel | 4.22 | |
stunnel | stunnel | 4.23 | |
stunnel | stunnel | 4.24 | |
stunnel | stunnel | 4.25 | |
stunnel | stunnel | 4.26 | |
stunnel | stunnel | 4.27 | |
stunnel | stunnel | 4.28 | |
stunnel | stunnel | 4.29 | |
stunnel | stunnel | 4.30 | |
stunnel | stunnel | 4.31 | |
stunnel | stunnel | 4.32 | |
stunnel | stunnel | 4.33 | |
stunnel | stunnel | 4.34 | |
stunnel | stunnel | 4.35 | |
stunnel | stunnel | 4.36 | |
stunnel | stunnel | 4.37 | |
stunnel | stunnel | 4.38 | |
stunnel | stunnel | 4.39 | |
stunnel | stunnel | 4.40 | |
stunnel | stunnel | 4.41 | |
stunnel | stunnel | 4.42 | |
stunnel | stunnel | 4.43 | |
stunnel | stunnel | 4.44 | |
stunnel | stunnel | 4.45 | |
stunnel | stunnel | 4.46 | |
stunnel | stunnel | 4.47 | |
stunnel | stunnel | 4.48 | |
stunnel | stunnel | 4.49 | |
stunnel | stunnel | 4.50 | |
stunnel | stunnel | 4.51 | |
stunnel | stunnel | 4.52 | |
stunnel | stunnel | 4.53 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:stunnel:stunnel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C661630-13C3-449F-9E37-F378EB55A03B", "versionEndIncluding": "4.54", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*", "matchCriteriaId": "B07502AA-E3E7-4143-B194-7C366CEA4A28", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*", "matchCriteriaId": "97C554E8-62F4-4C73-821D-AB93D8EE841C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*", "matchCriteriaId": "061A0C84-B26C-4ED6-9771-8B7D29DB7053", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.24:*:*:*:*:*:*:*", "matchCriteriaId": "E2ECB4F8-B623-4917-8420-E1DE6D9E514D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.25:*:*:*:*:*:*:*", "matchCriteriaId": "A415AEFB-16B5-47EA-BFFC-D8494AEAA4D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.26:*:*:*:*:*:*:*", "matchCriteriaId": "9928C1C1-B335-4076-80A7-D929A873D01F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.27:*:*:*:*:*:*:*", "matchCriteriaId": "CE6DEA2E-6475-4344-A8F0-34E5061B1C74", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.28:*:*:*:*:*:*:*", "matchCriteriaId": "A67FCF70-990C-45DE-9690-A3D3505C8E57", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.29:*:*:*:*:*:*:*", "matchCriteriaId": "91E0D2BB-59DC-40FA-83CD-1A49B79E1F6D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.30:*:*:*:*:*:*:*", "matchCriteriaId": "B04C76FA-732D-49D9-8CB6-D0C955E9127D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.31:*:*:*:*:*:*:*", "matchCriteriaId": "8BF686D0-3132-4371-9EF5-0E6F299BC98F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.32:*:*:*:*:*:*:*", "matchCriteriaId": "13C7E3B7-437A-4096-A5A1-B40271E6A6FE", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.33:*:*:*:*:*:*:*", 
"matchCriteriaId": "3E0EE85B-15FA-433F-92EB-8CDB07ED2790", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.34:*:*:*:*:*:*:*", "matchCriteriaId": "D4A3287D-3B8E-42C3-869D-E73A11289762", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.35:*:*:*:*:*:*:*", "matchCriteriaId": "349AD1F9-315C-4D36-9809-E58F5044D02D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.36:*:*:*:*:*:*:*", "matchCriteriaId": "69864FF1-8B29-446C-8B5A-160138039C7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.37:*:*:*:*:*:*:*", "matchCriteriaId": "67B11EF6-C895-410B-AFA2-8E7B349F9571", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.38:*:*:*:*:*:*:*", "matchCriteriaId": "23893E68-A34A-4CBD-B0A5-A41BF346D4BE", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.39:*:*:*:*:*:*:*", "matchCriteriaId": "F691D200-26B8-41AC-8123-78A853DFEAF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.40:*:*:*:*:*:*:*", "matchCriteriaId": "D8E83FE3-B2C1-4DDB-8BD4-48A1DCD25496", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.41:*:*:*:*:*:*:*", "matchCriteriaId": "7F82A3BF-F540-4C6B-846F-4E614849EDC8", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.42:*:*:*:*:*:*:*", "matchCriteriaId": "3C88D6AE-BE42-4E3A-9B95-A9E5A3C7ED11", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.43:*:*:*:*:*:*:*", "matchCriteriaId": "F9E334EF-1A35-4028-8B60-CA6A6890E490", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.44:*:*:*:*:*:*:*", "matchCriteriaId": "73DF6D41-9CD0-4038-9571-C76B73B4E225", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.45:*:*:*:*:*:*:*", "matchCriteriaId": "0C89A59C-F6F3-4F2F-AA8A-86E8B259245D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.46:*:*:*:*:*:*:*", "matchCriteriaId": "67AF1A8D-9C55-4488-9E03-F0D824912BC7", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:stunnel:stunnel:4.47:*:*:*:*:*:*:*", "matchCriteriaId": "969EC7D0-FB81-42FB-8089-E5EC1D107F18", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.48:*:*:*:*:*:*:*", "matchCriteriaId": "F66E4DD8-8D15-4DC1-BADD-B6BB6697313E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.49:*:*:*:*:*:*:*", "matchCriteriaId": "4015B215-4FFA-423E-A7E2-7F43ADEBA326", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.50:*:*:*:*:*:*:*", "matchCriteriaId": "84826AED-EEA7-4527-9A8E-258641B5C637", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.51:*:*:*:*:*:*:*", "matchCriteriaId": "9189ECAB-E192-476B-87E1-339AF9BFA4F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.52:*:*:*:*:*:*:*", "matchCriteriaId": "C3889099-4FEC-4133-9E7D-A8E529DE939A", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.53:*:*:*:*:*:*:*", "matchCriteriaId": "0F208151-3577-479E-B554-C94708D3D727", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow." 
}, { "lang": "es", "value": "stunnel v4.21 a v4.54, cuando el protocolo de negociaci\u00f3n CONNECT y la autenticaci\u00f3n NTLM est\u00e1n habilitadas, no realiza la conversi\u00f3n de enteros correctamente, lo que permite ejecutar c\u00f3digo de su elecci\u00f3n a servidores remotos proxy a trav\u00e9s de una solicitud hecha a mano que dispara un desbordamiento de b\u00fafer.\r\n" } ], "id": "CVE-2013-1762", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:C", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 8.5, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-03-08T18:55:01.743", "references": [ { "source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2013-0714.html" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2013/dsa-2664" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:130" }, { "source": "cve@mitre.org", "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.stunnel.org/CVE-2013-1762.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2013-0714.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2013/dsa-2664" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:130" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", 
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.stunnel.org/CVE-2013-1762.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-10-20 04:00
Modified
2025-04-03 01:03
Severity: MEDIUM (CVSS v2.0 base score 4.6, AV:L/AC:L/Au:N/C:P/I:P/A:P)
Summary
Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
stunnel | stunnel | 3.3 | |
stunnel | stunnel | 3.4a | |
stunnel | stunnel | 3.7 | |
stunnel | stunnel | 3.8 | |
stunnel | stunnel | 3.9 | |
stunnel | stunnel | 3.10 | |
stunnel | stunnel | 3.11 | |
stunnel | stunnel | 3.12 | |
stunnel | stunnel | 3.13 | |
stunnel | stunnel | 3.14 | |
stunnel | stunnel | 3.15 | |
stunnel | stunnel | 3.16 | |
stunnel | stunnel | 3.17 | |
stunnel | stunnel | 3.18 | |
stunnel | stunnel | 3.19 | |
stunnel | stunnel | 3.20 | |
stunnel | stunnel | 3.21 | |
stunnel | stunnel | 3.21a | |
stunnel | stunnel | 3.21b | |
stunnel | stunnel | 3.21c | |
stunnel | stunnel | 3.22 | |
stunnel | stunnel | 3.24 | |
stunnel | stunnel | 4.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:stunnel:stunnel:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "2E4A0103-713D-4E56-B32F-EB1649F26EE7", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*", "matchCriteriaId": "7D009335-E83C-4B35-ADB0-CBD6B82C0EA3", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*", "matchCriteriaId": "185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*", "matchCriteriaId": "400FE849-D547-44DE-B06F-5B68E5B20E07", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*", "matchCriteriaId": "C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*", "matchCriteriaId": "B256301B-9C6A-4BA6-8318-675C0EF4C316", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*", "matchCriteriaId": "EC33DAEE-8F51-404F-B5C4-B8A30B467E94", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*", "matchCriteriaId": "1FCDC66D-3BF5-4763-8877-38B0D3326E62", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*", "matchCriteriaId": "75772E28-BD93-4981-96FA-CDF41DAF65AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*", "matchCriteriaId": "2415230E-4F66-4DDE-9E34-F685E8F4085A", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*", "matchCriteriaId": "5121749D-3E19-4A9B-8C2D-84420A4E289B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*", "matchCriteriaId": "6E14DE44-69E6-4D0E-AD06-A829AFCDE528", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*", "matchCriteriaId": "3D5B202D-D93D-4E33-BC9F-DA44B727C0B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*", "matchCriteriaId": 
"CCC62D42-832D-4E6E-93D9-E7BA0CBC7799", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*", "matchCriteriaId": "B5D49F98-9A24-464A-8695-58218C14B3DC", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*", "matchCriteriaId": "ADFFE78D-90EC-46C6-B215-2EADD9E0D146", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*", "matchCriteriaId": "6132108C-C344-4ABC-AF40-1925830A6723", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*", "matchCriteriaId": "8362D330-E286-4534-8560-B4B38E21767F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*", "matchCriteriaId": "D0496D60-BE45-45FF-B360-60E59443DB96", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*", "matchCriteriaId": "DA2EA0D4-05B6-4500-9374-74BBDAB6001F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*", "matchCriteriaId": "F16BDA03-BFAB-4839-A83A-370865928225", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*", "matchCriteriaId": "EB5A2E06-A98E-409C-9A90-460AF4CCF101", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6FC396CE-FDA7-480C-9E94-1A26B7FB208E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server." 
} ], "id": "CVE-2003-0740", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-10-20T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000736" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=106260760211958\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:108" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-297.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000736" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=106260760211958\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:108" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-297.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-02-23 17:15
Modified
2024-11-21 05:46
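Severity: HIGH (CVSS v3.1 base score 7.5, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N); MEDIUM under CVSS v2.0 (base score 5.0, AV:N/AC:L/Au:N/C:P/I:N/A:N)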
Summary
A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1925226 | Issue Tracking, Third Party Advisory | |
secalert@redhat.com | https://github.com/mtrojnar/stunnel/commit/ebad9ddc4efb2635f37174c9d800d06206f1edf9 | Patch, Third Party Advisory | |
secalert@redhat.com | https://security.gentoo.org/glsa/202105-02 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1925226 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/mtrojnar/stunnel/commit/ebad9ddc4efb2635f37174c9d800d06206f1edf9 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202105-02 | Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:stunnel:stunnel:*:*:*:*:*:*:*:*", "matchCriteriaId": "99F6A33C-E8E1-4C44-978D-6F475DB634E0", "versionEndExcluding": "5.57", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality." }, { "lang": "es", "value": "Se encontr\u00f3 un fallo en stunnel versiones anteriores a 5.57, donde comprueba inapropiadamente los certificados del cliente cuando est\u00e1 configurado para usar las opciones de redireccionamiento y verifyChain.\u0026#xa0;Este fallo permite a un atacante con un certificado firmado por una Autoridad de Certificaci\u00f3n, que no es el aceptado por el servidor de stunnel, para acceder al servicio de t\u00fanel en lugar de ser redireccionado a la direcci\u00f3n especificada en la opci\u00f3n de redireccionamiento.\u0026#xa0;La mayor amenaza de esta vulnerabilidad es la confidencialidad" } ], "id": "CVE-2021-20230", "lastModified": "2024-11-21T05:46:10.593", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": 
"nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-02-23T17:15:13.753", "references": [ { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925226" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/mtrojnar/stunnel/commit/ebad9ddc4efb2635f37174c9d800d06206f1edf9" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202105-02" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925226" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/mtrojnar/stunnel/commit/ebad9ddc4efb2635f37174c9d800d06206f1edf9" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202105-02" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-295" } ], "source": "secalert@redhat.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-03-24 16:31
Modified
2025-04-12 10:46
Severity ?
Summary
stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote attackers to obtain private keys for EC (ECDSA) or DSA certificates.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:stunnel:stunnel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE8D4F93-EED9-4EDB-808C-E7AE0E76BA89", "versionEndIncluding": "4.56", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E27CAA87-6971-4CFB-8299-931952B5157D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "579E37FC-51E6-4ECA-B05F-F4468772496B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "0B56E5F0-6FFC-4188-AF11-F7583253F56E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "8797A96C-B660-45DC-B218-38B8DB85B451", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "B01D02DC-F570-47CE-AC1B-37DFEC9C1A28", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "B283AD3E-A27E-4B76-BEA8-05334DBF0A88", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "69F0D8C8-3BCE-4AF7-953B-CEA2633E4179", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "503A7976-C3A6-447A-9531-0DB699C4A625", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BAFC4E2-FDB5-489C-B9C3-DF13A5186FA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "0D60C3DB-4185-484A-8275-D3541A40C046", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "0FB236EF-0F97-4656-AB49-1D7829A63FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b1:*:*:*:*:*:*", "matchCriteriaId": "3073CCF6-5312-4FB2-AA43-D3B285EE32C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b2:*:*:*:*:*:*", 
"matchCriteriaId": "49E5FD63-32E3-4C40-A55C-B70546FDD866", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b3:*:*:*:*:*:*", "matchCriteriaId": "0B6444AC-588D-4154-B78E-3EB34129F1BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b4:*:*:*:*:*:*", "matchCriteriaId": "EC36154E-6006-45BB-A7CB-5293195602CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b5:*:*:*:*:*:*", "matchCriteriaId": "12C931B9-DDBE-4E94-8361-6A4D55886CF2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b6:*:*:*:*:*:*", "matchCriteriaId": "3EBE0C35-0FB9-44D6-8FA2-8712A2BF9A60", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b7:*:*:*:*:*:*", "matchCriteriaId": "5FFA8AD2-CAE2-4818-9D0C-0C32E62F3A59", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "F4CA2A0A-B7DE-49DD-940D-C19801CF5D55", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0D68D250-CA5B-4311-AF3C-48605948A067", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "2E4A0103-713D-4E56-B32F-EB1649F26EE7", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*", "matchCriteriaId": "7D009335-E83C-4B35-ADB0-CBD6B82C0EA3", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "7F4B0933-7D3A-43C9-9E42-FF5DAE94EDEA", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:*", "matchCriteriaId": "F317B556-717B-46B9-A81E-63FC61723B72", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*", "matchCriteriaId": "185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*", "matchCriteriaId": "400FE849-D547-44DE-B06F-5B68E5B20E07", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p1:*:*:*:*:*:*", 
"matchCriteriaId": "E0845ED5-9C1A-4F1F-B6E5-AAF8B6893A28", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p2:*:*:*:*:*:*", "matchCriteriaId": "1A23EB22-BD30-4FA3-9BAA-0B4B65C49F81", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p3:*:*:*:*:*:*", "matchCriteriaId": "6EB00100-8EF0-463E-9C17-05525B7B5852", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p4:*:*:*:*:*:*", "matchCriteriaId": "466B14A9-B16C-41F3-B2A0-C3194A6D1C1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p1:*:*:*:*:*:*:*", "matchCriteriaId": "E4AEA6DC-1A98-433F-B916-597395D5914A", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p2:*:*:*:*:*:*:*", "matchCriteriaId": "DB24165B-92FD-48BA-94C3-87A922DDC6E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p3:*:*:*:*:*:*:*", "matchCriteriaId": "B04F4BE4-34DE-4B8A-A1F1-32D12D33A5AC", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p4:*:*:*:*:*:*:*", "matchCriteriaId": "A04CF19D-9C30-4433-A5E2-F3949479BE36", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*", "matchCriteriaId": "C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*", "matchCriteriaId": "B256301B-9C6A-4BA6-8318-675C0EF4C316", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*", "matchCriteriaId": "EC33DAEE-8F51-404F-B5C4-B8A30B467E94", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*", "matchCriteriaId": "1FCDC66D-3BF5-4763-8877-38B0D3326E62", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*", "matchCriteriaId": "75772E28-BD93-4981-96FA-CDF41DAF65AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*", "matchCriteriaId": "2415230E-4F66-4DDE-9E34-F685E8F4085A", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*", "matchCriteriaId": "5121749D-3E19-4A9B-8C2D-84420A4E289B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*", "matchCriteriaId": "6E14DE44-69E6-4D0E-AD06-A829AFCDE528", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*", "matchCriteriaId": "3D5B202D-D93D-4E33-BC9F-DA44B727C0B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*", "matchCriteriaId": "CCC62D42-832D-4E6E-93D9-E7BA0CBC7799", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*", "matchCriteriaId": "B5D49F98-9A24-464A-8695-58218C14B3DC", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*", "matchCriteriaId": "ADFFE78D-90EC-46C6-B215-2EADD9E0D146", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*", "matchCriteriaId": "6132108C-C344-4ABC-AF40-1925830A6723", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*", "matchCriteriaId": "8362D330-E286-4534-8560-B4B38E21767F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*", "matchCriteriaId": "D0496D60-BE45-45FF-B360-60E59443DB96", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*", "matchCriteriaId": "DA2EA0D4-05B6-4500-9374-74BBDAB6001F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*", "matchCriteriaId": "F16BDA03-BFAB-4839-A83A-370865928225", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.23:*:*:*:*:*:*:*", "matchCriteriaId": "CDC6F568-DB15-40BD-906B-A4ED4804C40A", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*", "matchCriteriaId": "EB5A2E06-A98E-409C-9A90-460AF4CCF101", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.25:*:*:*:*:*:*:*", "matchCriteriaId": "9DF66986-248A-4EE8-B60F-182C774A4066", "vulnerable": true }, { 
"criteria": "cpe:2.3:a:stunnel:stunnel:3.26:*:*:*:*:*:*:*", "matchCriteriaId": "BB8991F3-A5F5-41EE-8809-31E09BAC4DCB", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.00:*:*:*:*:*:*:*", "matchCriteriaId": "CD371A76-9729-487E-AA15-775FFEBE3473", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6FC396CE-FDA7-480C-9E94-1A26B7FB208E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*", "matchCriteriaId": "C7B30722-13DD-41C5-9CFA-0719B351CF46", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*", "matchCriteriaId": "722BA04D-BA9B-427C-B129-06EFEC3F2859", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*", "matchCriteriaId": "2891FF7D-E62E-47F4-8873-1E4066247348", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*", "matchCriteriaId": "6A129110-60C1-46FC-9817-6E3802ADB389", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:*", "matchCriteriaId": "AF52167B-1109-4E02-A02F-17465F4C47FD", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:*", "matchCriteriaId": "61536049-1C52-42E2-96DC-E5FF88BCC850", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:*", "matchCriteriaId": "AE0EE4B5-C9D3-4DF1-B7B7-377B281FA313", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:*", "matchCriteriaId": "2811F3BC-03F8-4781-8D01-BAAE1BDE8895", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:*", "matchCriteriaId": "82C4D865-9641-4E28-935C-BDCBDB9C2CEB", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:*", "matchCriteriaId": "2BF1DADF-BD26-41CF-BFA3-3C2928CDF9F7", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:*", "matchCriteriaId": "75CF8185-A8FC-4EEE-B937-34924834AB43", "vulnerable": true }, 
{ "criteria": "cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:*", "matchCriteriaId": "A1561B7D-78BC-4910-85F4-113E84B97B3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:*", "matchCriteriaId": "63DDF225-57D2-40E5-9BCA-672FBB3E2A6C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:*", "matchCriteriaId": "04043E99-5F67-4FE9-89FC-695B981FBD5D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:*", "matchCriteriaId": "FD11753B-1993-4DE5-B172-AF4839B5620E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:*", "matchCriteriaId": "711059F5-ACB3-4D2A-931F-BA1C4422FC8E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:*", "matchCriteriaId": "5DDB6C42-0837-462B-BE2B-11A81B43C590", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:*", "matchCriteriaId": "5EEAAF27-156A-40FF-ADBF-79D851E744AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:*", "matchCriteriaId": "EB202677-DDC6-42D1-9A90-CD4A79198553", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:*", "matchCriteriaId": "F2C3EF02-B456-4506-94E8-5C41CB4FF69B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*", "matchCriteriaId": "B07502AA-E3E7-4143-B194-7C366CEA4A28", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*", "matchCriteriaId": "97C554E8-62F4-4C73-821D-AB93D8EE841C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*", "matchCriteriaId": "061A0C84-B26C-4ED6-9771-8B7D29DB7053", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.24:*:*:*:*:*:*:*", "matchCriteriaId": "E2ECB4F8-B623-4917-8420-E1DE6D9E514D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.25:*:*:*:*:*:*:*", "matchCriteriaId": "A415AEFB-16B5-47EA-BFFC-D8494AEAA4D6", "vulnerable": true 
}, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.26:*:*:*:*:*:*:*", "matchCriteriaId": "9928C1C1-B335-4076-80A7-D929A873D01F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.27:*:*:*:*:*:*:*", "matchCriteriaId": "CE6DEA2E-6475-4344-A8F0-34E5061B1C74", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.28:*:*:*:*:*:*:*", "matchCriteriaId": "A67FCF70-990C-45DE-9690-A3D3505C8E57", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.29:*:*:*:*:*:*:*", "matchCriteriaId": "91E0D2BB-59DC-40FA-83CD-1A49B79E1F6D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.30:*:*:*:*:*:*:*", "matchCriteriaId": "B04C76FA-732D-49D9-8CB6-D0C955E9127D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.31:*:*:*:*:*:*:*", "matchCriteriaId": "8BF686D0-3132-4371-9EF5-0E6F299BC98F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.32:*:*:*:*:*:*:*", "matchCriteriaId": "13C7E3B7-437A-4096-A5A1-B40271E6A6FE", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.33:*:*:*:*:*:*:*", "matchCriteriaId": "3E0EE85B-15FA-433F-92EB-8CDB07ED2790", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.34:*:*:*:*:*:*:*", "matchCriteriaId": "D4A3287D-3B8E-42C3-869D-E73A11289762", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.35:*:*:*:*:*:*:*", "matchCriteriaId": "349AD1F9-315C-4D36-9809-E58F5044D02D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.36:*:*:*:*:*:*:*", "matchCriteriaId": "69864FF1-8B29-446C-8B5A-160138039C7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.37:*:*:*:*:*:*:*", "matchCriteriaId": "67B11EF6-C895-410B-AFA2-8E7B349F9571", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.38:*:*:*:*:*:*:*", "matchCriteriaId": "23893E68-A34A-4CBD-B0A5-A41BF346D4BE", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.39:*:*:*:*:*:*:*", "matchCriteriaId": "F691D200-26B8-41AC-8123-78A853DFEAF6", "vulnerable": 
true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.40:*:*:*:*:*:*:*", "matchCriteriaId": "D8E83FE3-B2C1-4DDB-8BD4-48A1DCD25496", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.41:*:*:*:*:*:*:*", "matchCriteriaId": "7F82A3BF-F540-4C6B-846F-4E614849EDC8", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.42:*:*:*:*:*:*:*", "matchCriteriaId": "3C88D6AE-BE42-4E3A-9B95-A9E5A3C7ED11", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.43:*:*:*:*:*:*:*", "matchCriteriaId": "F9E334EF-1A35-4028-8B60-CA6A6890E490", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.44:*:*:*:*:*:*:*", "matchCriteriaId": "73DF6D41-9CD0-4038-9571-C76B73B4E225", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.45:*:*:*:*:*:*:*", "matchCriteriaId": "0C89A59C-F6F3-4F2F-AA8A-86E8B259245D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.46:*:*:*:*:*:*:*", "matchCriteriaId": "67AF1A8D-9C55-4488-9E03-F0D824912BC7", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.47:*:*:*:*:*:*:*", "matchCriteriaId": "969EC7D0-FB81-42FB-8089-E5EC1D107F18", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.48:*:*:*:*:*:*:*", "matchCriteriaId": "F66E4DD8-8D15-4DC1-BADD-B6BB6697313E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.49:*:*:*:*:*:*:*", "matchCriteriaId": "4015B215-4FFA-423E-A7E2-7F43ADEBA326", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.50:*:*:*:*:*:*:*", "matchCriteriaId": "84826AED-EEA7-4527-9A8E-258641B5C637", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.51:*:*:*:*:*:*:*", "matchCriteriaId": "9189ECAB-E192-476B-87E1-339AF9BFA4F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.52:*:*:*:*:*:*:*", "matchCriteriaId": "C3889099-4FEC-4133-9E7D-A8E529DE939A", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.53:*:*:*:*:*:*:*", "matchCriteriaId": "0F208151-3577-479E-B554-C94708D3D727", 
"vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.54:*:*:*:*:*:*:*", "matchCriteriaId": "3F054876-9E47-4FA8-883A-FF9366891829", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:4.55:*:*:*:*:*:*:*", "matchCriteriaId": "62EC8E1D-4D8C-4EE0-89EB-2A5CB53D65F5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote attackers to obtain private keys for EC (ECDSA) or DSA certificates." }, { "lang": "es", "value": "stunnel anterior a 5.00, cuando utilizando hilo de bifurcaci\u00f3n, no actualiza debidamente el estado del generador de n\u00fameros psuedoaleatorios OpenSSL (PRNG), lo que causa que hijos posteriores con el mismo proceso ID utilicen el mismo pool de entrop\u00eda y permite a atacantes remotos obtener claves privadas para certificados EC (ECDSA) o DSA." 
} ], "id": "CVE-2014-0016", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-03-24T16:31:08.447", "references": [ { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2014/03/05/1" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/65964" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "https://bugzilla.redhat.com/attachment.cgi?id=870826\u0026action=diff" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party Advisory", "VDB Entry" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072180" }, { "source": "secalert@redhat.com", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.stunnel.org/sdf_ChangeLog.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2014/03/05/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/65964" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://bugzilla.redhat.com/attachment.cgi?id=870826\u0026action=diff" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", 
"Third Party Advisory", "VDB Entry" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072180" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.stunnel.org/sdf_ChangeLog.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-332" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2008-2400 (GCVE-0-2008-2400)
Vulnerability from cvelistv5
Published
2008-05-22 10:00
Modified
2024-08-07 08:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T08:58:02.235Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "29285", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/29285" }, { "name": "ADV-2008-1568", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1568/references" }, { "name": "30297", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30297" }, { "name": "[stunnel-announce] 20080503 stunnel 4.23 released", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html" }, { "name": "1020049", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1020049" }, { "name": "stunnel-windows-privilege-escalation(42526)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42526" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-05-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "29285", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/29285" }, { "name": "ADV-2008-1568", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1568/references" }, { "name": "30297", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30297" }, { "name": "[stunnel-announce] 20080503 stunnel 4.23 released", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html" }, { "name": "1020049", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1020049" }, { "name": "stunnel-windows-privilege-escalation(42526)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42526" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2400", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "29285", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29285" }, { "name": "ADV-2008-1568", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1568/references" }, { "name": "30297", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30297" }, { "name": "[stunnel-announce] 20080503 stunnel 4.23 released", "refsource": "MLIST", "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html" }, { "name": "1020049", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020049" }, { "name": "stunnel-windows-privilege-escalation(42526)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42526" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2400", "datePublished": "2008-05-22T10:00:00", "dateReserved": "2008-05-22T00:00:00", "dateUpdated": "2024-08-07T08:58:02.235Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2011-2940 (GCVE-0-2011-2940)
Vulnerability from cvelistv5
Published
2011-08-25 14:00
Modified
2024-08-06 23:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
stunnel 4.40 and 4.41 might allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T23:15:31.951Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[oss-security] 20110819 CVE request: stunnel 4.4x heap overflow flaw", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2011/08/19/6" }, { "name": "1025959", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1025959" }, { "name": "[oss-security] 20110819 Re: CVE request: stunnel 4.4x heap overflow flaw", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2011/08/19/18" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732068" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://stunnel.org/?page=sdf_ChangeLog" }, { "name": "49254", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/49254" }, { "name": "[stunnel-announce] 20110818 stunnel 4.42 released", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.stunnel.org/pipermail/stunnel-announce/2011-August/000059.html" }, { "name": "74600", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/74600" }, { "name": "45705", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/45705" }, { "name": "stunnel-unspecifed-code-execution(69318)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69318" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2011-08-18T00:00:00", "descriptions": [ { 
"lang": "en", "value": "stunnel 4.40 and 4.41 might allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "[oss-security] 20110819 CVE request: stunnel 4.4x heap overflow flaw", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2011/08/19/6" }, { "name": "1025959", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1025959" }, { "name": "[oss-security] 20110819 Re: CVE request: stunnel 4.4x heap overflow flaw", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2011/08/19/18" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732068" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://stunnel.org/?page=sdf_ChangeLog" }, { "name": "49254", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/49254" }, { "name": "[stunnel-announce] 20110818 stunnel 4.42 released", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.stunnel.org/pipermail/stunnel-announce/2011-August/000059.html" }, { "name": "74600", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/74600" }, { "name": "45705", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/45705" }, { "name": "stunnel-unspecifed-code-execution(69318)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69318" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2011-2940", "STATE": "PUBLIC" }, "affects": { 
"vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "stunnel 4.40 and 4.41 might allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[oss-security] 20110819 CVE request: stunnel 4.4x heap overflow flaw", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2011/08/19/6" }, { "name": "1025959", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1025959" }, { "name": "[oss-security] 20110819 Re: CVE request: stunnel 4.4x heap overflow flaw", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2011/08/19/18" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=732068", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732068" }, { "name": "http://stunnel.org/?page=sdf_ChangeLog", "refsource": "CONFIRM", "url": "http://stunnel.org/?page=sdf_ChangeLog" }, { "name": "49254", "refsource": "BID", "url": "http://www.securityfocus.com/bid/49254" }, { "name": "[stunnel-announce] 20110818 stunnel 4.42 released", "refsource": "MLIST", "url": "http://www.stunnel.org/pipermail/stunnel-announce/2011-August/000059.html" }, { "name": "74600", "refsource": "OSVDB", "url": "http://www.osvdb.org/74600" }, { "name": "45705", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/45705" }, { "name": "stunnel-unspecifed-code-execution(69318)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69318" } ] } } } }, "cveMetadata": { "assignerOrgId": 
"53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-2940", "datePublished": "2011-08-25T14:00:00", "dateReserved": "2011-07-27T00:00:00", "dateUpdated": "2024-08-06T23:15:31.951Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0147 (GCVE-0-2003-0147)
Vulnerability from cvelistv5
Published
2003-03-18 05:00
Modified
2024-08-08 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:43:35.976Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-288", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-288" }, { "name": "RHSA-2003:101", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-101.html" }, { "name": "RHSA-2003:102", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-102.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openssl.org/news/secadv_20030317.txt" }, { "name": "GLSA-200303-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=104829040921835\u0026w=2" }, { "name": "20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/316165/30/25370/threaded" }, { "name": "APPLE-SA-2003-03-24", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/316165/30/25370/threaded" }, { "name": "20030317 [ADVISORY] Timing Attack on OpenSSL", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=104792570615648\u0026w=2" }, { "name": "CSSA-2003-014.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt" }, { "name": "MDKSA-2003:035", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": 
"http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf" }, { "name": "GLSA-200303-23", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml" }, { "name": "oval:org.mitre.oval:def:466", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466" }, { "name": "OpenPKG-SA-2003.019", "tags": [ "vendor-advisory", "x_refsource_OPENPKG", "x_transferred" ], "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html" }, { "name": "GLSA-200303-24", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=104861762028637\u0026w=2" }, { "name": "IMNX-2003-7+-001-01", "tags": [ "vendor-advisory", "x_refsource_IMMUNIX", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/316577/30/25310/threaded" }, { "name": "20030327 Immunix Secured OS 7+ openssl update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/316577/30/25310/threaded" }, { "name": "20030501-01-I", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I" }, { "name": "20030313 Vulnerability in OpenSSL", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=104766550528628\u0026w=2" }, { "name": "20030320 [OpenPKG-SA-2003.026] OpenPKG Security Advisory (openssl)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=104819602408063\u0026w=2" }, { "name": "CLA-2003:625", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000625" }, { "name": "VU#997481", "tags": [ 
"third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/997481" }, { "name": "20030313 OpenSSL Private Key Disclosure", "tags": [ "mailing-list", "x_refsource_VULNWATCH", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-03-14T00:00:00", "descriptions": [ { "lang": "en", "value": "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server\u0027s private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-288", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-288" }, { "name": "RHSA-2003:101", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-101.html" }, { "name": "RHSA-2003:102", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-102.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openssl.org/news/secadv_20030317.txt" }, { "name": "GLSA-200303-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://marc.info/?l=bugtraq\u0026m=104829040921835\u0026w=2" }, { "name": "20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": 
"http://www.securityfocus.com/archive/1/316165/30/25370/threaded" }, { "name": "APPLE-SA-2003-03-24", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://www.securityfocus.com/archive/1/316165/30/25370/threaded" }, { "name": "20030317 [ADVISORY] Timing Attack on OpenSSL", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=104792570615648\u0026w=2" }, { "name": "CSSA-2003-014.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt" }, { "name": "MDKSA-2003:035", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035" }, { "tags": [ "x_refsource_MISC" ], "url": "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf" }, { "name": "GLSA-200303-23", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml" }, { "name": "oval:org.mitre.oval:def:466", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466" }, { "name": "OpenPKG-SA-2003.019", "tags": [ "vendor-advisory", "x_refsource_OPENPKG" ], "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html" }, { "name": "GLSA-200303-24", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://marc.info/?l=bugtraq\u0026m=104861762028637\u0026w=2" }, { "name": "IMNX-2003-7+-001-01", "tags": [ "vendor-advisory", "x_refsource_IMMUNIX" ], "url": "http://www.securityfocus.com/archive/1/316577/30/25310/threaded" }, { "name": "20030327 Immunix Secured OS 7+ openssl update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/316577/30/25310/threaded" }, { "name": "20030501-01-I", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": 
"ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I" }, { "name": "20030313 Vulnerability in OpenSSL", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=104766550528628\u0026w=2" }, { "name": "20030320 [OpenPKG-SA-2003.026] OpenPKG Security Advisory (openssl)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=104819602408063\u0026w=2" }, { "name": "CLA-2003:625", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000625" }, { "name": "VU#997481", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/997481" }, { "name": "20030313 OpenSSL Private Key Disclosure", "tags": [ "mailing-list", "x_refsource_VULNWATCH" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0147", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server\u0027s private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal)." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-288", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-288" }, { "name": "RHSA-2003:101", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-101.html" }, { "name": "RHSA-2003:102", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-102.html" }, { "name": "http://www.openssl.org/news/secadv_20030317.txt", "refsource": "CONFIRM", "url": "http://www.openssl.org/news/secadv_20030317.txt" }, { "name": "GLSA-200303-15", "refsource": "GENTOO", "url": "http://marc.info/?l=bugtraq\u0026m=104829040921835\u0026w=2" }, { "name": "20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/316165/30/25370/threaded" }, { "name": "APPLE-SA-2003-03-24", "refsource": "APPLE", "url": "http://www.securityfocus.com/archive/1/316165/30/25370/threaded" }, { "name": "20030317 [ADVISORY] Timing Attack on OpenSSL", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=104792570615648\u0026w=2" }, { "name": "CSSA-2003-014.0", "refsource": "CALDERA", "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt" }, { "name": "MDKSA-2003:035", "refsource": "MANDRAKE", "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035" }, { "name": "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", "refsource": "MISC", "url": "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf" }, { "name": "GLSA-200303-23", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml" }, { "name": "oval:org.mitre.oval:def:466", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466" }, { "name": "OpenPKG-SA-2003.019", "refsource": "OPENPKG", "url": 
"http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html" }, { "name": "GLSA-200303-24", "refsource": "GENTOO", "url": "http://marc.info/?l=bugtraq\u0026m=104861762028637\u0026w=2" }, { "name": "IMNX-2003-7+-001-01", "refsource": "IMMUNIX", "url": "http://www.securityfocus.com/archive/1/316577/30/25310/threaded" }, { "name": "20030327 Immunix Secured OS 7+ openssl update", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/316577/30/25310/threaded" }, { "name": "20030501-01-I", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I" }, { "name": "20030313 Vulnerability in OpenSSL", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=104766550528628\u0026w=2" }, { "name": "20030320 [OpenPKG-SA-2003.026] OpenPKG Security Advisory (openssl)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=104819602408063\u0026w=2" }, { "name": "CLA-2003:625", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000625" }, { "name": "VU#997481", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/997481" }, { "name": "20030313 OpenSSL Private Key Disclosure", "refsource": "VULNWATCH", "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0147", "datePublished": "2003-03-18T05:00:00", "dateReserved": "2003-03-14T00:00:00", "dateUpdated": "2024-08-08T01:43:35.976Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2013-1762 (GCVE-0-2013-1762)
Vulnerability from cvelistv5
Published
2013-03-08 18:00
Modified
2024-08-06 15:13
CWE
- n/a
Summary
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T15:13:32.427Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MDVSA-2013:130", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:130" }, { "name": "RHSA-2013:0714", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0714.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.stunnel.org/CVE-2013-1762.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097" }, { "name": "DSA-2664", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2013/dsa-2664" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-03-03T00:00:00", "descriptions": [ { "lang": "en", "value": "stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-01-13T12:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MDVSA-2013:130", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:130" }, { "name": "RHSA-2013:0714", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0714.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.stunnel.org/CVE-2013-1762.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097" }, { "name": "DSA-2664", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2013/dsa-2664" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-1762", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MDVSA-2013:130", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:130" }, { "name": "RHSA-2013:0714", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0714.html" }, { "name": "https://www.stunnel.org/CVE-2013-1762.html", "refsource": "CONFIRM", "url": "https://www.stunnel.org/CVE-2013-1762.html" }, { "name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097", "refsource": "CONFIRM", "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097" }, { "name": "DSA-2664", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2013/dsa-2664" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-1762", "datePublished": "2013-03-08T18:00:00", "dateReserved": "2013-02-19T00:00:00", "dateUpdated": "2024-08-06T15:13:32.427Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-1563 (GCVE-0-2002-1563)
Vulnerability from cvelistv5
Published
2003-04-26 04:00
Modified
2024-08-08 03:26
CWE
- n/a
Summary
stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T03:26:28.913Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ESA-20030806-020", "tags": [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3535.html" }, { "name": "CLA-2003:736", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000736" }, { "name": "20030112 SIGCHLD problem in Stunnel", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=104247606910598" }, { "name": "RHSA-2003:223", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-223.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://marc.info/?l=stunnel-users\u0026m=103600188215117\u0026w=2" }, { "name": "6592", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/6592" }, { "name": "2003-0030", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=106029168514511\u0026w=2" }, { "name": "RHSA-2003:221", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-221.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-10-30T00:00:00", "descriptions": [ { "lang": "en", "value": "stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "ESA-20030806-020", "tags": [ "vendor-advisory", "x_refsource_ENGARDE" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3535.html" }, { "name": "CLA-2003:736", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000736" }, { "name": "20030112 SIGCHLD problem in Stunnel", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=104247606910598" }, { "name": "RHSA-2003:223", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-223.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://marc.info/?l=stunnel-users\u0026m=103600188215117\u0026w=2" }, { "name": "6592", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/6592" }, { "name": "2003-0030", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://marc.info/?l=bugtraq\u0026m=106029168514511\u0026w=2" }, { "name": "RHSA-2003:221", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-221.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1563", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an 
inconsistency in the child counter." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "ESA-20030806-020", "refsource": "ENGARDE", "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3535.html" }, { "name": "CLA-2003:736", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000736" }, { "name": "20030112 SIGCHLD problem in Stunnel", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=104247606910598" }, { "name": "RHSA-2003:223", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-223.html" }, { "name": "http://marc.info/?l=stunnel-users\u0026m=103600188215117\u0026w=2", "refsource": "MISC", "url": "http://marc.info/?l=stunnel-users\u0026m=103600188215117\u0026w=2" }, { "name": "6592", "refsource": "BID", "url": "http://www.securityfocus.com/bid/6592" }, { "name": "2003-0030", "refsource": "TRUSTIX", "url": "http://marc.info/?l=bugtraq\u0026m=106029168514511\u0026w=2" }, { "name": "RHSA-2003:221", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-221.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1563", "datePublished": "2003-04-26T04:00:00", "dateReserved": "2003-04-23T00:00:00", "dateUpdated": "2024-08-08T03:26:28.913Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0740 (GCVE-0-2003-0740)
Vulnerability from cvelistv5
Published
2003-09-04 04:00
Modified
2024-08-08 02:05
CWE
- n/a
Summary
Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:05:12.501Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20030903 Stunnel-3.x Daemon Hijacking", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=106260760211958\u0026w=2" }, { "name": "CLA-2003:736", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000736" }, { "name": "MDKSA-2003:108", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:108" }, { "name": "RHSA-2003:297", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-297.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-09-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20030903 Stunnel-3.x Daemon Hijacking", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=106260760211958\u0026w=2" }, { "name": "CLA-2003:736", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000736" }, { "name": "MDKSA-2003:108", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:108" }, { "name": "RHSA-2003:297", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-297.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0740", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20030903 Stunnel-3.x Daemon Hijacking", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=106260760211958\u0026w=2" }, { "name": "CLA-2003:736", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000736" }, { "name": "MDKSA-2003:108", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:108" }, { "name": "RHSA-2003:297", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-297.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0740", "datePublished": "2003-09-04T04:00:00", "dateReserved": "2003-09-03T00:00:00", "dateUpdated": "2024-08-08T02:05:12.501Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0060 (GCVE-0-2001-0060)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
CWE
- n/a
Summary
Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.394Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20001209 Trustix Security Advisory - stunnel", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0337.html" }, { "name": "RHSA-2000:129", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-129.html" }, { "name": "CLA-2000:363", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000363" }, { "name": "stunnel-format-logfile(5807)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5807" }, { "name": "DSA-009", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2001/dsa-009" }, { "name": "2128", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2128" }, { "name": "20001218 Stunnel format bug", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/151719" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-12-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20001209 Trustix Security Advisory - stunnel", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0337.html" }, { "name": "RHSA-2000:129", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-129.html" }, { "name": "CLA-2000:363", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000363" }, { "name": "stunnel-format-logfile(5807)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5807" }, { "name": "DSA-009", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2001/dsa-009" }, { "name": "2128", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2128" }, { "name": "20001218 Stunnel format bug", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/151719" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0060", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20001209 Trustix Security Advisory - stunnel", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0337.html" }, { "name": "RHSA-2000:129", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-129.html" }, { "name": "CLA-2000:363", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000363" }, { "name": "stunnel-format-logfile(5807)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5807" }, { "name": "DSA-009", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2001/dsa-009" }, { "name": "2128", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2128" }, { "name": "20001218 Stunnel format bug", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/151719" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0060", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-01T00:00:00", "dateUpdated": "2024-08-08T04:06:55.394Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2008-2420 (GCVE-0-2008-2420)
Vulnerability from cvelistv5
Published
2008-05-23 15:00
Modified
2024-08-07 08:58
CWE
- n/a
Summary
The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T08:58:02.605Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "30425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30425" }, { "name": "stunnel-ocsp-security-bypass(42528)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528" }, { "name": "FEDORA-2008-4606", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html" }, { "name": "ADV-2008-1569", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1569/references" }, { "name": "30335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30335" }, { "name": "31438", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31438" }, { "name": "FEDORA-2008-4531", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html" }, { "name": "MDVSA-2008:168", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168" }, { "name": "[stunnel-announce] 20080519 stunnel 4.24 released", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html" }, { "name": "FEDORA-2008-4579", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html" }, { "name": "GLSA-200808-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", 
"x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml" }, { "name": "29309", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/29309" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-05-19T00:00:00", "descriptions": [ { "lang": "en", "value": "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "30425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30425" }, { "name": "stunnel-ocsp-security-bypass(42528)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528" }, { "name": "FEDORA-2008-4606", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html" }, { "name": "ADV-2008-1569", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1569/references" }, { "name": "30335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30335" }, { "name": "31438", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31438" }, { "name": "FEDORA-2008-4531", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html" }, { "name": "MDVSA-2008:168", "tags": [ 
"vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168" }, { "name": "[stunnel-announce] 20080519 stunnel 4.24 released", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html" }, { "name": "FEDORA-2008-4579", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html" }, { "name": "GLSA-200808-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml" }, { "name": "29309", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/29309" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2420", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "30425", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30425" }, { "name": "stunnel-ocsp-security-bypass(42528)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528" }, { "name": "FEDORA-2008-4606", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html" }, { "name": "ADV-2008-1569", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1569/references" }, { "name": "30335", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30335" }, { "name": "31438", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31438" }, { "name": "FEDORA-2008-4531", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html" }, { "name": "MDVSA-2008:168", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168" }, { "name": "[stunnel-announce] 20080519 stunnel 4.24 released", "refsource": "MLIST", "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html" }, { "name": "FEDORA-2008-4579", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html" }, { "name": "GLSA-200808-08", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml" }, { "name": "29309", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29309" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2420", "datePublished": "2008-05-23T15:00:00", "dateReserved": "2008-05-23T00:00:00", "dateUpdated": "2024-08-07T08:58:02.605Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-20230 (GCVE-0-2021-20230)
Vulnerability from cvelistv5
Published
2021-02-23 16:34
Modified
2024-08-03 17:30
CWE
- CWE-295 (Improper Certificate Validation)
Summary
A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality. (The record's structured version field below reads "stunnel 5.57"; read against this description, that appears to name the fixed release rather than an affected one, so version matching should follow the "before 5.57" range.)
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:30:07.599Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925226" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/mtrojnar/stunnel/commit/ebad9ddc4efb2635f37174c9d800d06206f1edf9" }, { "name": "GLSA-202105-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202105-02" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "stunnel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "stunnel 5.57" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality." 
} ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-295", "description": "CWE-295", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-05-26T09:06:16", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925226" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/mtrojnar/stunnel/commit/ebad9ddc4efb2635f37174c9d800d06206f1edf9" }, { "name": "GLSA-202105-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202105-02" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-20230", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "stunnel", "version": { "version_data": [ { "version_value": "stunnel 5.57" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-295" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1925226", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925226" }, { "name": "https://github.com/mtrojnar/stunnel/commit/ebad9ddc4efb2635f37174c9d800d06206f1edf9", "refsource": "MISC", "url": "https://github.com/mtrojnar/stunnel/commit/ebad9ddc4efb2635f37174c9d800d06206f1edf9" }, { "name": "GLSA-202105-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202105-02" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-20230", "datePublished": "2021-02-23T16:34:39", "dateReserved": "2020-12-17T00:00:00", "dateUpdated": "2024-08-03T17:30:07.599Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-0016 (GCVE-0-2014-0016)
Vulnerability from cvelistv5
Published
2014-03-23 15:00
Modified
2024-08-06 08:58
CWE
- n/a
Summary
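stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote attackers to obtain private keys for EC (ECDSA) or DSA certificates. The key exposure follows from DSA and ECDSA needing a fresh random nonce for every signature: children that start from the same PRNG state can sign with a repeated nonce.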
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:58:26.561Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.stunnel.org/sdf_ChangeLog.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/attachment.cgi?id=870826\u0026action=diff" }, { "name": "[oss-security] 20140305 libssh and stunnel PRNG flaws", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2014/03/05/1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072180" }, { "name": "65964", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/65964" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-03-05T00:00:00", "descriptions": [ { "lang": "en", "value": "stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote attackers to obtain private keys for EC (ECDSA) or DSA certificates." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-24T10:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.stunnel.org/sdf_ChangeLog.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/attachment.cgi?id=870826\u0026action=diff" }, { "name": "[oss-security] 20140305 libssh and stunnel PRNG flaws", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2014/03/05/1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072180" }, { "name": "65964", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/65964" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0016", "datePublished": "2014-03-23T15:00:00", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2024-08-06T08:58:26.561Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-3644 (GCVE-0-2015-3644)
Vulnerability from cvelistv5
Published
2015-05-14 00:00
Modified
2024-08-06 05:47
CWE
- n/a
Summary
Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T05:47:57.755Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3299", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3299" }, { "name": "74659", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/74659" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.stunnel.org/CVE-2015-3644.html" }, { "name": "1032324", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1032324" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-05-05T00:00:00", "descriptions": [ { "lang": "en", "value": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-23T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3299", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3299" }, { "name": "74659", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/74659" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.stunnel.org/CVE-2015-3644.html" }, { "name": "1032324", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1032324" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-3644", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3299", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3299" }, { "name": "74659", "refsource": "BID", "url": "http://www.securityfocus.com/bid/74659" }, { "name": "https://www.stunnel.org/CVE-2015-3644.html", "refsource": "CONFIRM", "url": "https://www.stunnel.org/CVE-2015-3644.html" }, { "name": "1032324", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032324" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-3644", "datePublished": "2015-05-14T00:00:00", "dateReserved": "2015-05-04T00:00:00", "dateUpdated": "2024-08-06T05:47:57.755Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-0002 (GCVE-0-2002-0002)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 02:35
CWE
- n/a
Summary
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:35:17.067Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2" }, { "name": "3748", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3748" }, { "name": "MDKSA-2002:004", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3" }, { "name": "20020102 Stunnel: Format String Bug update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://online.securityfocus.com/archive/1/248149" }, { "name": "stunnel-client-format-string(7741)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7741" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://stunnel.mirt.net/news.html" }, { "name": "RHSA-2002:002", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-002.html" }, { "name": "20011227 Stunnel: Format String Bug in versions \u003c3.22", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://online.securityfocus.com/archive/1/247427" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-12-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-11-13T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2" }, { "name": "3748", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3748" }, { "name": "MDKSA-2002:004", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3" }, { "name": "20020102 Stunnel: Format String Bug update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://online.securityfocus.com/archive/1/248149" }, { "name": "stunnel-client-format-string(7741)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7741" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://stunnel.mirt.net/news.html" }, { "name": "RHSA-2002:002", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-002.html" }, { "name": "20011227 Stunnel: Format String Bug in versions \u003c3.22", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://online.securityfocus.com/archive/1/247427" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0002", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary 
code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2", "refsource": "MISC", "url": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2" }, { "name": "3748", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3748" }, { "name": "MDKSA-2002:004", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3" }, { "name": "20020102 Stunnel: Format String Bug update", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/248149" }, { "name": "stunnel-client-format-string(7741)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7741" }, { "name": "http://stunnel.mirt.net/news.html", "refsource": "CONFIRM", "url": "http://stunnel.mirt.net/news.html" }, { "name": "RHSA-2002:002", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-002.html" }, { "name": "20011227 Stunnel: Format String Bug in versions \u003c3.22", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/247427" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0002", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-01-02T00:00:00", "dateUpdated": "2024-08-08T02:35:17.067Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }