3 matches found
CVE-2013-1762
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow...
stunnel file descriptors leak
Child process has access to critical descriptors...
Stunnel format string bugs
Format string bug on syslog call...