Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:33 a.m.3 views

SUSE CVE-2014-0016

stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator PRNG, which causes subsequent children with the same process ID to use the same entropy pool and allows remote attackers to obtain private keys for EC ECDSA or DSA...

4.3CVSS7AI score0.02155EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2014-0144)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS7.6AI score0.02155EPSS
Exploits1References4
Rosalinux
Rosalinux
added 2021/07/02 6:10 p.m.21 views

Advisory ROSA-SA-2021-1978

Software: stunnel 4.56 OS: Cobalt 7.9 CVE-ID: CVE-2014-0016 CVE-Crit: MEDIUM CVE-DESC: stunnel before 5.00 when using fork streaming does not properly update the OpenSSL pseudo-random number generator PRNG state, which causes subsequent children with the same process ID to use the same entropy po...

7.5CVSS7.3AI score0.02155EPSS
Exploits1
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.23 views

Gentoo Security Advisory GLSA 201408-14

Gentoo Linux Local Security Checks GLSA 201408-14 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

4.3CVSS8.4AI score0.02155EPSS
Exploits1References1
Kaspersky
Kaspersky
added 2014/06/24 12:0 a.m.130 views

KLA10342 OSI vulnerability in Stunnel

Improper work with OpenSSL was found in Stunnel. By exploiting this vulnerability malicious users can obtain private keys or certificates. This vulnerability can be exploited remotely at a point related to children’s processes. Original advisories Stunnel Changelog Related products Stunnel CVE li...

4.3CVSS7.5AI score0.02155EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2014/05/05 12:0 a.m.27 views

Fedora Update for stunnel FEDORA-2014-5321

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.2AI score0.99999EPSS
Exploits87References4
CVE
CVE
added 2014/03/23 3:0 p.m.78 views

CVE-2014-0016

CVE-2014-0016 affects stunnel prior to 5.00 where PRNG state is not properly updated after fork-threading. This can cause subsequent child processes (sharing the same PID) to reuse the same entropy pool, enabling attackers to potentially obtain private keys for EC (ECDSA) or DSA certificates when...

4.3CVSS7.2AI score0.02155EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder