24 matches found
CVE-2013-1762
CVE-2013-1762 affects stunnel 4.21–4.54 when NTLM authentication and CONNECT protocol negotiation are enabled. A mis-handled integer conversion can trigger a buffer overflow, allowing a remote attacker to execute arbitrary code via a crafted request to a proxy. Connected advisories consistently c...
FreeBSD : stunnel -- Remote Code Execution (c97219b6-843d-11e2-b131-000c299b62e1)
Michal Trojnara reports : 64-bit versions of stunnel with the following conditions : NTLM authentication enabled CONNECT protocol negotiation enabled Configured in SSL client mode An attacker that can either control the proxy server specified in the 'connect' option or execute MITM attacks on the...
stunnel -- Remote Code Execution
Michal Trojnara reports: 64-bit versions of stunnel with the following conditions: NTLM authentication enabled CONNECT protocol negotiation enabled Configured in SSL client mode An attacker that can either control the proxy server specified in the "connect" option or execute MITM attacks on the T...
DConnect Daemon Multiple Vulnerabilities
Luigi Auriemma Application: DConnect Daemon http://www.dc.ds.pg.gda.pl Versions: = 0.7.0 and CVS = 30 Jul 2006 Platforms: Windows, nix, BSD and others Bugs: A listenthreadudp buffer-overflow B dcchat NULL pointer C various format string bugs privileges needed Exploitation: remote Date: 06 Aug 200...