Lucene search
K

17 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.3 views

SUSE CVE-2013-1762

stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow...

6.6CVSS8.4AI score0.02932EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.29 views

Oracle: Security Advisory (ELSA-2013-0714)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.6CVSS6.5AI score0.02932EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.34 views

Oracle Linux 6 : stunnel (ELSA-2013-0714)

The remote Oracle Linux 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2013-0714 advisory. 4.29-3 Resolves: CVE-2013-1762 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

6.6CVSS8.2AI score0.02932EPSS
Exploits0References2
securityvulns
securityvulns
added 2013/05/04 12:0 a.m.61 views

[SECURITY] [DSA 2664-1] stunnel4 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2664-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 2, 2013 http://www.debian.org/security/faq -...

6.6CVSS1.8AI score0.02932EPSS
Exploits0
Debian
Debian
added 2013/05/02 5:13 p.m.23 views

[SECURITY] [DSA 2664-1] stunnel4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2664-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 2, 2013 http://www.debian.org/security/faq -...

6.6CVSS6.9AI score0.02932EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/04/24 12:0 a.m.31 views

SuSE 11.2 Security Update : stunnel (SAT Patch Number 7449)

This update for stunnel fixes a buffer overflow vulnerability caused by incorrect integer conversion in the NTLM authentication of the CONNECT protocol negotiation. CVE-2013-1762 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

6.6CVSS8.5AI score0.02932EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/04/20 12:0 a.m.33 views

Mandriva Linux Security Advisory : stunnel (MDVSA-2013:130)

Updated stunnel packages fix security vulnerability : stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a...

6.6CVSS8.5AI score0.02932EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/04/15 12:0 a.m.15 views

RedHat Update for stunnel RHSA-2013:0714-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.6CVSS6.5AI score0.02932EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/04/15 12:0 a.m.28 views

CentOS Update for stunnel CESA-2013:0714 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.6CVSS8.5AI score0.02932EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/04/10 12:0 a.m.45 views

CentOS 6 : stunnel (CESA-2013:0714)

An updated stunnel package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.6CVSS8.2AI score0.02932EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/04/09 12:0 a.m.27 views

Scientific Linux Security Update : stunnel on SL6.x i386/x86_64 (20130408)

An integer conversion issue was found in stunnel when using Microsoft NT LAN Manager NTLM authentication with the HTTP CONNECT tunneling method. With this configuration, and using stunnel in SSL client mode on a 64-bit system, an attacker could possibly execute arbitrary code with the privileges ...

6.6CVSS8.4AI score0.02932EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/04/09 12:0 a.m.40 views

RHEL 6 : stunnel (RHSA-2013:0714)

An updated stunnel package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.6CVSS8.2AI score0.02932EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2013/04/08 12:0 a.m.42 views

stunnel security update

4.29-3 Resolves: CVE-2013-1762...

6.6CVSS1.7AI score0.02932EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/03/26 12:0 a.m.117 views

stunnel 4.21 - 4.54 Multiple Vulnerabilities

The version of stunnel installed on the remote host is a version after 4.21 and prior to 4.55. It is, therefore, affected by the following vulnerabilities : - The bundled version of OpenSSL contains an error related to CBC-mode and timing that allows an attacker to recover plaintext from encrypte...

6.6CVSS6.8AI score0.35584EPSS
Exploits1References5
OSV
OSV
added 2013/03/08 6:55 p.m.5 views

CVE-2013-1762

stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow...

6.6CVSS7.7AI score0.02932EPSS
Exploits0References5
CVE
CVE
added 2013/03/08 6:0 p.m.83 views

CVE-2013-1762

CVE-2013-1762 affects stunnel 4.21–4.54 when NTLM authentication and CONNECT protocol negotiation are enabled. A mis-handled integer conversion can trigger a buffer overflow, allowing a remote attacker to execute arbitrary code via a crafted request to a proxy. Connected advisories consistently c...

6.6CVSS7.8AI score0.02932EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2013/03/08 6:0 p.m.16 views

CVE-2013-1762

stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow...

7.6AI score0.02932EPSS
Exploits0References5
Rows per page
Query Builder