33 matches found
MiracleLinux 4 : stunnel-4.29-3.AXS4 (AXSA:2013-374:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-374:01 advisory. Stunnel is a socket wrapper which can provide SSL Secure Sockets Layer support to ordinary applications. For example, it can be used in conjunction with imapd...
EUVD-2008-2415
Malware in sbrugna...
EUVD-2015-3682
Malware in sbrugna...
EUVD-2014-0117
Malware in sbrugna...
EUVD-2002-1545
Malware in sbrugna...
EUVD-2008-2395
Malware in sbrugna...
EUVD-2021-7669
Malicious code in bioql PyPI...
ROS-20250813-06
A vulnerability in a software wrapper that allows arbitrary traffic to be hidden in an encrypted ssl tunnel Stunnel is related to incorrect client certificate validation when using the parameters redirection and VerifyChain parameters. Exploitation of the vulnerability could allow an attacker...
TencentOS Server 3: stunnel (TSSA-2022:0220)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0220 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0011: stunnel (ALINUX3-SA-2021:0011)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0011 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-20230: A flaw was found in stunnel before...
SUSE CVE-2008-2420
The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists CRL, which allows remote attackers to bypass intended access restrictions by using revoked certificates...
SUSE CVE-2015-3644
Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication...
A flaw was found in stunnel before 5.57 where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority which is not the one accepted by the stunnel server to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality.
...
AZL-7375 CVE-2021-20230 affecting package stunnel for versions less than 5.70-1
A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to...
UBUNTU-CVE-2021-20230
A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to...
CVE-2015-3644
Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication...
The vulnerability of the Gentoo Linux operating system allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the stunnel package up to version 4.24 in the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
The vulnerability of the Gentoo Linux operating system allows a malicious intruder to compromise the confidentiality of protected information.
The vulnerability of the stunnel package up to version 5.02 of the Gentoo Linux operating system can lead to a violation of the confidentiality of protected information. This vulnerability can be exploited remotely...
The vulnerability of the Gentoo Linux operating system allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the stunnel package up to version 4.44 of the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the stunnel-4.29 package for the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...