Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2015/07/06 12:0 a.m.27 views

Debian DSA-3299-1 : stunnel4 - security update

Johan Olofsson discovered an authentication bypass vulnerability in Stunnel, a program designed to work as an universal SSL tunnel for network daemons. When Stunnel in server mode is used with the redirect option and certificate-based authentication is enabled with 'verify = 2'or higher, then onl...

5.8CVSS5.5AI score0.02136EPSS
Exploits0References4
Debian
Debian
added 2015/07/02 3:48 p.m.38 views

[SECURITY] [DSA 3299-1] stunnel4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3299-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 02, 2015 https://www.debian.org/security/faq -...

5.8CVSS6AI score0.02136EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/06/16 12:0 a.m.23 views

SUSE SLES12 Security Update : stunnel (SUSE-SU-2015:1062-1)

This update fixes an authentication bypass when using the 'redirect' option CVE-2015-3644, bsc931517, backport from v5.17. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and...

5.8CVSS5.4AI score0.02136EPSS
Exploits0References4
OSV
OSV
added 2015/05/27 12:15 p.m.3 views

SUSE-SU-2015:1062-1 Security update for stunnel

This update fixes an authentication bypass when using the 'redirect' option CVE-2015-3644, bsc931517, backport from v5.17...

5.8CVSS6.6AI score0.02136EPSS
Exploits0References3
OSV
OSV
added 2015/05/14 12:59 a.m.3 views

CVE-2015-3644

Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication...

5.8CVSS6.5AI score0.02136EPSS
Exploits0References5
CVE
CVE
added 2015/05/14 12:0 a.m.64 views

CVE-2015-3644

CVE-2015-3644 affects Stunnel when run in server mode with the redirect option and certificate-based authentication (verify >= 2). The vulnerability causes only the initial connection to be redirected, enabling an authentication bypass. Affected versions include Stunnel 5.00–5.13; the issue is...

5.8CVSS6.5AI score0.02136EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder