8 matches found
Mandriva Linux Security Advisory : stunnel (MDVSA-2008:168)
A vulnerability was found in the OCSP search functionality in stunnel that could allow a remote attacker to use a revoked certificate that would be successfully authenticated by stunnel CVE-2008-2420. This flaw only concerns users who have enabled OCSP validation in stunnel. The updated packages...
Fedora Update for stunnel FEDORA-2008-4531
Check for the Version of stunnel OpenVAS Vulnerability Test Fedora Update for stunnel FEDORA-2008-4531 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for stunnel FEDORA-2008-4606
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for stunnel FEDORA-2008-4579
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Gentoo Security Advisory GLSA 200808-08 (stunnel)
The remote host is missing updates announced in advisory GLSA 200808-08. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-200808-08 : stunnel: Security bypass
The remote host is affected by the vulnerability described in GLSA-200808-08 stunnel: Security bypass An unspecified bug in the OCSP search functionality of stunnel has been discovered. Impact : A remote attacker can use a revoked certificate that would be successfully authenticated by stunnel...
[ GLSA 200808-08 ] stunnel: Security bypass
Gentoo Linux Security Advisory GLSA 200808-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
CVE-2008-2420
CVE-2008-2420 affects stunnel’s OCSP search functionality (pre-4.24) where certificate revocation lists (CRLs) are not properly checked. This can let a remote attacker bypass access restrictions by presenting a revoked certificate, as described in multiple advisories; Mandriva notes updated packa...