3 matches found
DEBIAN-CVE-2013-1762
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow...
Stunnel <= 3.24 4.00 Daemon Hijacking Proof of Concept Exploit
No description provided by source. / By Steve Grubb : The technique is simple. 1 Fork so that stunnel can't find you when it dies. 2 Send stunnel a SIGUSR2. Unhandled signals generally kill programs. Since you are a child of stunnel, the OS will deliver the signal. 3 Select on the leaked descript...
DEBIAN-CVE-2002-1563
stunnel 4.0.3 and earlier allows attackers to cause a denial of service crash via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter...