Stunnel

Stunnel

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2021-20230

  • EPSS 0.21%
  • Veröffentlicht 23.02.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:46:10

A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is...

5.8

CVE-2015-3644

  • EPSS 0.25%
  • Veröffentlicht 14.05.2015 00:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.

4.3

CVE-2014-0016

  • EPSS 0.31%
  • Veröffentlicht 24.03.2014 16:31:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote attacker...

6.6

CVE-2013-1762

  • EPSS 2.01%
  • Veröffentlicht 08.03.2013 18:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer ...

9.3

CVE-2011-2940

  • EPSS 12.76%
  • Veröffentlicht 25.08.2011 14:22:47
  • Zuletzt bearbeitet 11.04.2025 00:51:21

stunnel 4.40 and 4.41 might allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

6.8

CVE-2008-2420

  • EPSS 0.49%
  • Veröffentlicht 23.05.2008 15:32:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.

7.2

CVE-2008-2400

  • EPSS 0.05%
  • Veröffentlicht 22.05.2008 13:09:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.

4.6

CVE-2003-0740

  • EPSS 0.12%
  • Veröffentlicht 20.10.2003 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.

1.2

CVE-2002-1563

  • EPSS 0.08%
  • Veröffentlicht 12.05.2003 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter.

5

CVE-2003-0147

  • EPSS 20.2%
  • Veröffentlicht 31.03.2003 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the us...