44 matches found
CVE-2002-0002
The connected advisory confirms a format-string vulnerability in stunnel for client-mode negotiations (smtp, pop, nntp). Affected versions: 3.15 through 3.21c; 3.22 is not vulnerable. The flaw arises in the functions that implement client-side SMTP/POP/NNTP negotiations, allowing a malicious serv...
CVE-2002-0002
Format string vulnerability in stunnel before 3.22 when used in client mode for 1 smtp, 2 pop, or 3 nntp allows remote malicious servers to execute arbitrary code...
CVE-2002-0002
Format string vulnerability in stunnel before 3.22 when used in client mode for 1 smtp, 2 pop, or 3 nntp allows remote malicious servers to execute arbitrary code...
Stunnel: Format String Bug in versions <3.22
Don't know why this didn't get approved when I submitted it last week, but here goes again... Release Date: 2001-Dec-22 Package: stunnel Versions: stunnel-3.3 = stunnel-3.21c Problem type: format string bugs Exploit script: none currently known Severity: high Network-accessible: yes Discovery:...