Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-0740 — Stunnel vulnerability

8 documents8 sources

Severity

4.6MEDIUMNVD

EPSS

0.1%

top 69.74%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Stunnel

Timeline

PublishedOct 20

Latest updateApr 29

Description

Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

▶NVDstunnel/stunnel23 versions+22

🔴Vulnerability Details

GHSA

GHSA-94h5-4g3p-4v6g: Stunnel 4↗2022-04-29

▶

OSV

CVE-2003-0740: Stunnel 4↗2003-10-20

▶

CVEList

CVE-2003-0740: Stunnel 4↗2003-09-04

▶

💥Exploits & PoCs

Exploit-DB

Stunnel 3.24/4.00 - Daemon Hijacking↗2003-09-05

▶

📋Vendor Advisories

Red Hat

security flaw↗2003-09-03

▶

Debian

CVE-2003-0740: stunnel4 - Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned ...↗2003

▶

💬Community

Bugzilla

CVE-2003-0740 security flaw↗2018-08-16

▶