Search...

stunnel protection bypass

2008-08-08T00:00:00

ID SECURITYVULNS:VULN:9208
Type securityvulns
Reporter BUGTRAQ
Modified 2008-08-08T00:00:00

Description

Revoked certificate status is incorrectly checked.

JSON Vulners Source

Initial Source

{"id": "SECURITYVULNS:VULN:9208", "bulletinFamily": "software", "title": "stunnel protection bypass", "description": "Revoked certificate status is incorrectly checked.", "published": "2008-08-08T00:00:00", "modified": "2008-08-08T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9208", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:20319"], "cvelist": ["CVE-2008-2420"], "type": "securityvulns", "lastseen": "2018-08-31T11:09:30", "edition": 1, "viewCount": 2, "enchantments": {"score": {"value": 6.0, "vector": "NONE", "modified": "2018-08-31T11:09:30", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-2420"]}, {"type": "openvas", "idList": ["OPENVAS:830592", "OPENVAS:860737", "OPENVAS:61441", "OPENVAS:860791", "OPENVAS:860478", "OPENVAS:1361412562310830592"]}, {"type": "nessus", "idList": ["FEDORA_2008-4579.NASL", "FEDORA_2008-4606.NASL", "FEDORA_2008-4531.NASL", "MANDRIVA_MDVSA-2008-168.NASL", "GENTOO_GLSA-200808-08.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:20319"]}, {"type": "gentoo", "idList": ["GLSA-200808-08"]}], "modified": "2018-08-31T11:09:30", "rev": 2}, "vulnersScore": 6.0}, "affectedSoftware": [{"name": "stunnel", "operator": "eq", "version": "4.23"}]}

{"cve": [{"lastseen": "2021-02-02T05:35:14", "description": "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.", "edition": 4, "cvss3": {}, "published": "2008-05-23T15:32:00", "title": "CVE-2008-2420", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2420"], "modified": "2017-08-08T01:31:00", "cpe": ["cpe:/a:stunnel:stunnel:3.21c", "cpe:/a:stunnel:stunnel:3.8p3", "cpe:/a:stunnel:stunnel:4.13", "cpe:/a:stunnel:stunnel:3.18", "cpe:/a:stunnel:stunnel:4.02", "cpe:/a:stunnel:stunnel:4.07", "cpe:/a:stunnel:stunnel:3.26", "cpe:/a:stunnel:stunnel:3.21a", "cpe:/a:stunnel:stunnel:3.24", "cpe:/a:stunnel:stunnel:3.10", "cpe:/a:stunnel:stunnel:3.17", "cpe:/a:stunnel:stunnel:4.01", "cpe:/a:stunnel:stunnel:4.15", "cpe:/a:stunnel:stunnel:3.22", "cpe:/a:stunnel:stunnel:4.23", "cpe:/a:stunnel:stunnel:3.5", "cpe:/a:stunnel:stunnel:4.19", "cpe:/a:stunnel:stunnel:4.09", "cpe:/a:stunnel:stunnel:4.12", "cpe:/a:stunnel:stunnel:3.13", "cpe:/a:stunnel:stunnel:3.8p2", "cpe:/a:stunnel:stunnel:3.23", "cpe:/a:stunnel:stunnel:4.21", "cpe:/a:stunnel:stunnel:4.14", "cpe:/a:stunnel:stunnel:4.03", "cpe:/a:stunnel:stunnel:4.06", "cpe:/a:stunnel:stunnel:3.21", "cpe:/a:stunnel:stunnel:3.21b", "cpe:/a:stunnel:stunnel:4.16", "cpe:/a:stunnel:stunnel:3.8", "cpe:/a:stunnel:stunnel:4.18", "cpe:/a:stunnel:stunnel:4.22", "cpe:/a:stunnel:stunnel:3.7", "cpe:/a:stunnel:stunnel:3.6", "cpe:/a:stunnel:stunnel:3.4a", "cpe:/a:stunnel:stunnel:4.05", "cpe:/a:stunnel:stunnel:4.00", "cpe:/a:stunnel:stunnel:3.12", "cpe:/a:stunnel:stunnel:3.14", "cpe:/a:stunnel:stunnel:4.08", "cpe:/a:stunnel:stunnel:3.15", "cpe:/a:stunnel:stunnel:3.16", "cpe:/a:stunnel:stunnel:3.11", "cpe:/a:stunnel:stunnel:3.20", "cpe:/a:stunnel:stunnel:4.04", "cpe:/a:stunnel:stunnel:3.19", "cpe:/a:stunnel:stunnel:4.20", "cpe:/a:stunnel:stunnel:3.25", "cpe:/a:stunnel:stunnel:4.11", "cpe:/a:stunnel:stunnel:3.9", "cpe:/a:stunnel:stunnel:3.8p4", "cpe:/a:stunnel:stunnel:3.8p1", "cpe:/a:stunnel:stunnel:4.17", "cpe:/a:stunnel:stunnel:4.10"], "id": "CVE-2008-2420", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2420", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.23:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.8p2:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.8p4:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.26:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.8p3:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.00:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.8p1:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.25:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*", "cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-25T10:57:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2420"], "description": "Check for the Version of stunnel", "modified": "2017-07-10T00:00:00", "published": "2009-02-17T00:00:00", "id": "OPENVAS:860478", "href": "http://plugins.openvas.org/nasl.php?oid=860478", "type": "openvas", "title": "Fedora Update for stunnel FEDORA-2008-4606", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for stunnel FEDORA-2008-4606\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"stunnel on Fedora 7\";\ntag_insight = \"Stunnel is a socket wrapper which can provide SSL (Secure Sockets\n Layer) support to ordinary applications. For example, it can be used\n in conjunction with imapd to create an SSL secure IMAP server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html\");\n script_id(860478);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 16:47:15 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-4606\");\n script_cve_id(\"CVE-2008-2420\");\n script_name( \"Fedora Update for stunnel FEDORA-2008-4606\");\n\n script_summary(\"Check for the Version of stunnel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"stunnel\", rpm:\"stunnel~4.24~0.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2420"], "description": "Check for the Version of stunnel", "modified": "2017-07-10T00:00:00", "published": "2009-02-17T00:00:00", "id": "OPENVAS:860791", "href": "http://plugins.openvas.org/nasl.php?oid=860791", "type": "openvas", "title": "Fedora Update for stunnel FEDORA-2008-4531", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for stunnel FEDORA-2008-4531\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"stunnel on Fedora 9\";\ntag_insight = \"Stunnel is a socket wrapper which can provide SSL (Secure Sockets\n Layer) support to ordinary applications. For example, it can be used\n in conjunction with imapd to create an SSL secure IMAP server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html\");\n script_id(860791);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 16:47:15 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-4531\");\n script_cve_id(\"CVE-2008-2420\");\n script_name( \"Fedora Update for stunnel FEDORA-2008-4531\");\n\n script_summary(\"Check for the Version of stunnel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC9\")\n{\n\n if ((res = isrpmvuln(pkg:\"stunnel\", rpm:\"stunnel~4.24~1.fc9\", rls:\"FC9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2420"], "description": "Check for the Version of stunnel", "modified": "2017-07-06T00:00:00", "published": "2009-04-09T00:00:00", "id": "OPENVAS:830592", "href": "http://plugins.openvas.org/nasl.php?oid=830592", "type": "openvas", "title": "Mandriva Update for stunnel MDVSA-2008:168 (stunnel)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for stunnel MDVSA-2008:168 (stunnel)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability was found in the OCSP search functionality in stunnel\n that could allow a remote attacker to use a revoked certificate that\n would be successfully authenticated by stunnel (CVE-2008-2420).\n This flaw only concerns users who have enabled OCSP validation\n in stunnel.\n\n The updated packages have been patched to correct this issue.\";\n\ntag_affected = \"stunnel on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-08/msg00011.php\");\n script_id(830592);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:168\");\n script_cve_id(\"CVE-2008-2420\");\n script_name( \"Mandriva Update for stunnel MDVSA-2008:168 (stunnel)\");\n\n script_summary(\"Check for the Version of stunnel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libstunnel0\", rpm:\"libstunnel0~4.20~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libstunnel0-devel\", rpm:\"libstunnel0-devel~4.20~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"stunnel\", rpm:\"stunnel~4.20~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64stunnel0\", rpm:\"lib64stunnel0~4.20~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64stunnel0-devel\", rpm:\"lib64stunnel0-devel~4.20~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libstunnel0\", rpm:\"libstunnel0~4.20~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libstunnel0-devel\", rpm:\"libstunnel0-devel~4.20~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"stunnel\", rpm:\"stunnel~4.20~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64stunnel0\", rpm:\"lib64stunnel0~4.20~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64stunnel0-devel\", rpm:\"lib64stunnel0-devel~4.20~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libstunnel0\", rpm:\"libstunnel0~4.21~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libstunnel-devel\", rpm:\"libstunnel-devel~4.21~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libstunnel-static-devel\", rpm:\"libstunnel-static-devel~4.21~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"stunnel\", rpm:\"stunnel~4.21~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64stunnel0\", rpm:\"lib64stunnel0~4.21~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64stunnel-devel\", rpm:\"lib64stunnel-devel~4.21~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64stunnel-static-devel\", rpm:\"lib64stunnel-static-devel~4.21~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2420"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200808-08.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:61441", "href": "http://plugins.openvas.org/nasl.php?oid=61441", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200808-08 (stunnel)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"stunnel does not properly prevent the authentication of a revoked\ncertificate which would be published by OCSP.\";\ntag_solution = \"All stunnel users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/stunnel-1.2.3'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200808-08\nhttp://bugs.gentoo.org/show_bug.cgi?id=222805\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200808-08.\";\n\n \n\nif(description)\n{\n script_id(61441);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2008-2420\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200808-08 (stunnel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-misc/stunnel\", unaffected: make_list(\"ge 4.24\"), vulnerable: make_list(\"lt 4.24\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2420"], "description": "Check for the Version of stunnel", "modified": "2017-07-10T00:00:00", "published": "2009-02-17T00:00:00", "id": "OPENVAS:860737", "href": "http://plugins.openvas.org/nasl.php?oid=860737", "type": "openvas", "title": "Fedora Update for stunnel FEDORA-2008-4579", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for stunnel FEDORA-2008-4579\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"stunnel on Fedora 8\";\ntag_insight = \"Stunnel is a socket wrapper which can provide SSL (Secure Sockets\n Layer) support to ordinary applications. For example, it can be used\n in conjunction with imapd to create an SSL secure IMAP server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html\");\n script_id(860737);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 16:47:15 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-4579\");\n script_cve_id(\"CVE-2008-2420\");\n script_name( \"Fedora Update for stunnel FEDORA-2008-4579\");\n\n script_summary(\"Check for the Version of stunnel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"stunnel\", rpm:\"stunnel~4.24~0.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:39:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2420"], "description": "Check for the Version of stunnel", "modified": "2018-04-06T00:00:00", "published": "2009-04-09T00:00:00", "id": "OPENVAS:1361412562310830592", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830592", "type": "openvas", "title": "Mandriva Update for stunnel MDVSA-2008:168 (stunnel)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for stunnel MDVSA-2008:168 (stunnel)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability was found in the OCSP search functionality in stunnel\n that could allow a remote attacker to use a revoked certificate that\n would be successfully authenticated by stunnel (CVE-2008-2420).\n This flaw only concerns users who have enabled OCSP validation\n in stunnel.\n\n The updated packages have been patched to correct this issue.\";\n\ntag_affected = \"stunnel on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2008.1,\n Mandriva Linux 2008.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-08/msg00011.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830592\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:168\");\n script_cve_id(\"CVE-2008-2420\");\n script_name( \"Mandriva Update for stunnel MDVSA-2008:168 (stunnel)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of stunnel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libstunnel0\", rpm:\"libstunnel0~4.20~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libstunnel0-devel\", rpm:\"libstunnel0-devel~4.20~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"stunnel\", rpm:\"stunnel~4.20~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64stunnel0\", rpm:\"lib64stunnel0~4.20~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64stunnel0-devel\", rpm:\"lib64stunnel0-devel~4.20~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libstunnel0\", rpm:\"libstunnel0~4.20~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libstunnel0-devel\", rpm:\"libstunnel0-devel~4.20~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"stunnel\", rpm:\"stunnel~4.20~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64stunnel0\", rpm:\"lib64stunnel0~4.20~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64stunnel0-devel\", rpm:\"lib64stunnel0-devel~4.20~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libstunnel0\", rpm:\"libstunnel0~4.21~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libstunnel-devel\", rpm:\"libstunnel-devel~4.21~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libstunnel-static-devel\", rpm:\"libstunnel-static-devel~4.21~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"stunnel\", rpm:\"stunnel~4.21~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64stunnel0\", rpm:\"lib64stunnel0~4.21~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64stunnel-devel\", rpm:\"lib64stunnel-devel~4.21~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64stunnel-static-devel\", rpm:\"lib64stunnel-static-devel~4.21~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:47:02", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2420"], "description": "### Background\n\nThe stunnel program is designed to work as an SSL encryption wrapper between a remote client and a local or remote server. OCSP (Online Certificate Status Protocol), as described in RFC 2560, is an internet protocol used for obtaining the revocation status of an X.509 digital certificate. \n\n### Description\n\nAn unspecified bug in the OCSP search functionality of stunnel has been discovered. \n\n### Impact\n\nA remote attacker can use a revoked certificate that would be successfully authenticated by stunnel. This issue only concerns the users who have enabled the OCSP validation in stunnel. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll stunnel users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/stunnel-4.24\"", "edition": 1, "modified": "2009-08-09T00:00:00", "published": "2008-08-08T00:00:00", "id": "GLSA-200808-08", "href": "https://security.gentoo.org/glsa/200808-08", "type": "gentoo", "title": "stunnel: Security bypass", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-07T10:52:24", "description": "The remote host is affected by the vulnerability described in GLSA-200808-08\n(stunnel: Security bypass)\n\n An unspecified bug in the OCSP search functionality of stunnel has been\n discovered.\n \nImpact :\n\n A remote attacker can use a revoked certificate that would be\n successfully authenticated by stunnel. This issue only concerns the\n users who have enabled the OCSP validation in stunnel.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "published": "2008-08-10T00:00:00", "title": "GLSA-200808-08 : stunnel: Security bypass", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2420"], "modified": "2008-08-10T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:stunnel", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200808-08.NASL", "href": "https://www.tenable.com/plugins/nessus/33854", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200808-08.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33854);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-2420\");\n script_xref(name:\"GLSA\", value:\"200808-08\");\n\n script_name(english:\"GLSA-200808-08 : stunnel: Security bypass\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200808-08\n(stunnel: Security bypass)\n\n An unspecified bug in the OCSP search functionality of stunnel has been\n discovered.\n \nImpact :\n\n A remote attacker can use a revoked certificate that would be\n successfully authenticated by stunnel. This issue only concerns the\n users who have enabled the OCSP validation in stunnel.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200808-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All stunnel users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/stunnel-4.24'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:stunnel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-misc/stunnel\", unaffected:make_list(\"ge 4.24\", \"lt 4\"), vulnerable:make_list(\"lt 4.24\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"stunnel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:51:56", "description": "A vulnerability was found in the OCSP search functionality in stunnel\nthat could allow a remote attacker to use a revoked certificate that\nwould be successfully authenticated by stunnel (CVE-2008-2420). This\nflaw only concerns users who have enabled OCSP validation in stunnel.\n\nThe updated packages have been patched to correct this issue.", "edition": 24, "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : stunnel (MDVSA-2008:168)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2420"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64stunnel0-devel", "p-cpe:/a:mandriva:linux:lib64stunnel0", "p-cpe:/a:mandriva:linux:lib64stunnel-devel", "p-cpe:/a:mandriva:linux:libstunnel0-devel", "cpe:/o:mandriva:linux:2007.1", "cpe:/o:mandriva:linux:2008.1", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:lib64stunnel-static-devel", "p-cpe:/a:mandriva:linux:libstunnel-static-devel", "p-cpe:/a:mandriva:linux:libstunnel-devel", "p-cpe:/a:mandriva:linux:stunnel", "p-cpe:/a:mandriva:linux:libstunnel0"], "id": "MANDRIVA_MDVSA-2008-168.NASL", "href": "https://www.tenable.com/plugins/nessus/38063", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:168. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38063);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-2420\");\n script_xref(name:\"MDVSA\", value:\"2008:168\");\n\n script_name(english:\"Mandriva Linux Security Advisory : stunnel (MDVSA-2008:168)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was found in the OCSP search functionality in stunnel\nthat could allow a remote attacker to use a revoked certificate that\nwould be successfully authenticated by stunnel (CVE-2008-2420). This\nflaw only concerns users who have enabled OCSP validation in stunnel.\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64stunnel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64stunnel-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64stunnel0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64stunnel0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libstunnel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libstunnel-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libstunnel0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libstunnel0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:stunnel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64stunnel0-4.20-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64stunnel0-devel-4.20-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libstunnel0-4.20-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libstunnel0-devel-4.20-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"stunnel-4.20-1.1mdv2007.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64stunnel0-4.20-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64stunnel0-devel-4.20-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libstunnel0-4.20-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libstunnel0-devel-4.20-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"stunnel-4.20-1.1mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64stunnel-devel-4.21-2.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64stunnel-static-devel-4.21-2.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64stunnel0-4.21-2.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libstunnel-devel-4.21-2.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libstunnel-static-devel-4.21-2.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libstunnel0-4.21-2.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"stunnel-4.21-2.1mdv2008.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:06:33", "description": "New upstream release 4.24 fixing security issue in certificate\nverification via OCSP protocol:\nhttp://stunnel.mirt.net/pipermail/stunnel-\nannounce/2008-May/000035.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2008-05-29T00:00:00", "title": "Fedora 8 : stunnel-4.24-0.fc8 (2008-4579)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2420"], "modified": "2008-05-29T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:stunnel", "cpe:/o:fedoraproject:fedora:8"], "id": "FEDORA_2008-4579.NASL", "href": "https://www.tenable.com/plugins/nessus/32466", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-4579.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32466);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-2420\");\n script_xref(name:\"FEDORA\", value:\"2008-4579\");\n\n script_name(english:\"Fedora 8 : stunnel-4.24-0.fc8 (2008-4579)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New upstream release 4.24 fixing security issue in certificate\nverification via OCSP protocol:\nhttp://stunnel.mirt.net/pipermail/stunnel-\nannounce/2008-May/000035.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://stunnel.mirt.net/pipermail/stunnel-\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.stunnel.org/pipermail/stunnel-\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=448290\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-May/010559.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?98abd49c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected stunnel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:stunnel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"stunnel-4.24-0.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"stunnel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:06:33", "description": "New upstream release 4.24 fixing security issue in certificate\nverification via OCSP protocol:\nhttp://stunnel.mirt.net/pipermail/stunnel-\nannounce/2008-May/000035.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2008-05-29T00:00:00", "title": "Fedora 7 : stunnel-4.24-0.fc7 (2008-4606)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2420"], "modified": "2008-05-29T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:7", "p-cpe:/a:fedoraproject:fedora:stunnel"], "id": "FEDORA_2008-4606.NASL", "href": "https://www.tenable.com/plugins/nessus/32468", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-4606.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32468);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-2420\");\n script_xref(name:\"FEDORA\", value:\"2008-4606\");\n\n script_name(english:\"Fedora 7 : stunnel-4.24-0.fc7 (2008-4606)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New upstream release 4.24 fixing security issue in certificate\nverification via OCSP protocol:\nhttp://stunnel.mirt.net/pipermail/stunnel-\nannounce/2008-May/000035.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://stunnel.mirt.net/pipermail/stunnel-\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.stunnel.org/pipermail/stunnel-\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=448290\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-May/010594.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ca70b5f8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected stunnel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:stunnel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"stunnel-4.24-0.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"stunnel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:06:33", "description": "New upstream release 4.24 fixing security issue in certificate\nverification via OCSP protocol:\nhttp://stunnel.mirt.net/pipermail/stunnel-\nannounce/2008-May/000035.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2008-05-29T00:00:00", "title": "Fedora 9 : stunnel-4.24-1.fc9 (2008-4531)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2420"], "modified": "2008-05-29T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:stunnel", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2008-4531.NASL", "href": "https://www.tenable.com/plugins/nessus/32465", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-4531.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32465);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-2420\");\n script_xref(name:\"FEDORA\", value:\"2008-4531\");\n\n script_name(english:\"Fedora 9 : stunnel-4.24-1.fc9 (2008-4531)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New upstream release 4.24 fixing security issue in certificate\nverification via OCSP protocol:\nhttp://stunnel.mirt.net/pipermail/stunnel-\nannounce/2008-May/000035.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://stunnel.mirt.net/pipermail/stunnel-\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.stunnel.org/pipermail/stunnel-\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=448290\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-May/010508.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e7732f0b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected stunnel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:stunnel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"stunnel-4.24-1.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"stunnel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:27", "bulletinFamily": "software", "cvelist": ["CVE-2008-2420"], "description": "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nGentoo Linux Security Advisory GLSA 200808-08\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n http://security.gentoo.org/\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n Severity: Low\r\n Title: stunnel: Security bypass\r\n Date: August 08, 2008\r\n Bugs: #222805\r\n ID: 200808-08\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\nSynopsis\r\n========\r\n\r\nstunnel does not properly prevent the authentication of a revoked\r\ncertificate which would be published by OCSP.\r\n\r\nBackground\r\n==========\r\n\r\nThe stunnel program is designed to work as an SSL encryption wrapper\r\nbetween a remote client and a local or remote server. OCSP (Online\r\nCertificate Status Protocol), as described in RFC 2560, is an internet\r\nprotocol used for obtaining the revocation status of an X.509 digital\r\ncertificate.\r\n\r\nAffected packages\r\n=================\r\n\r\n -------------------------------------------------------------------\r\n Package / Vulnerable / Unaffected\r\n -------------------------------------------------------------------\r\n 1 net-misc/stunnel < 4.24 >= 4.24\r\n\r\nDescription\r\n===========\r\n\r\nAn unspecified bug in the OCSP search functionality of stunnel has been\r\ndiscovered.\r\n\r\nImpact\r\n======\r\n\r\nA remote attacker can use a revoked certificate that would be\r\nsuccessfully authenticated by stunnel. This issue only concerns the\r\nusers who have enabled the OCSP validation in stunnel.\r\n\r\nWorkaround\r\n==========\r\n\r\nThere is no known workaround at this time.\r\n\r\nResolution\r\n==========\r\n\r\nAll stunnel users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=net-misc/stunnel-1.2.3"\r\n\r\nReferences\r\n==========\r\n\r\n [ 1 ] CVE-2008-2420\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2420\r\n\r\nAvailability\r\n============\r\n\r\nThis GLSA and any updates to it are available for viewing at\r\nthe Gentoo Security Website:\r\n\r\n http://security.gentoo.org/glsa/glsa-200808-08.xml\r\n\r\nConcerns?\r\n=========\r\n\r\nSecurity is a primary focus of Gentoo Linux and ensuring the\r\nconfidentiality and security of our users machines is of utmost\r\nimportance to us. Any security concerns should be addressed to\r\nsecurity@gentoo.org or alternatively, you may file a bug at\r\nhttp://bugs.gentoo.org.\r\n\r\nLicense\r\n=======\r\n\r\nCopyright 2008 Gentoo Foundation, Inc; referenced text\r\nbelongs to its owner(s).\r\n\r\nThe contents of this document are licensed under the\r\nCreative Commons - Attribution / Share Alike license.\r\n\r\nhttp://creativecommons.org/licenses/by-sa/2.5", "edition": 1, "modified": "2008-08-08T00:00:00", "published": "2008-08-08T00:00:00", "id": "SECURITYVULNS:DOC:20319", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20319", "title": "[ GLSA 200808-08 ] stunnel: Security bypass", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2420"], "description": "Stunnel is a socket wrapper which can provide SSL (Secure Sockets Layer) support to ordinary applications. For example, it can be used in conjunction with imapd to create an SSL secure IMAP server. ", "modified": "2008-05-29T02:49:50", "published": "2008-05-29T02:49:50", "id": "FEDORA:M4T2NK4T005112", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: stunnel-4.24-0.fc7", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2420"], "description": "Stunnel is a socket wrapper which can provide SSL (Secure Sockets Layer) support to ordinary applications. For example, it can be used in conjunction with imapd to create an SSL secure IMAP server. ", "modified": "2008-05-29T02:47:46", "published": "2008-05-29T02:47:46", "id": "FEDORA:M4T2LLWD004807", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: stunnel-4.24-0.fc8", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2420"], "description": "Stunnel is a socket wrapper which can provide SSL (Secure Sockets Layer) support to ordinary applications. For example, it can be used in conjunction with imapd to create an SSL secure IMAP server. ", "modified": "2008-05-29T02:44:32", "published": "2008-05-29T02:44:32", "id": "FEDORA:M4T2I8AD004336", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: stunnel-4.24-1.fc9", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}