CVE-2013-1762 — Code Injection in Stunnel

CWE-94 — Code Injection8 documents7 sources

Severity

6.6MEDIUMNVD

EPSS

2.0%

top 16.27%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Stunnel

Timeline

PublishedMar 8

Latest updateMay 17

Description

stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.

CVSS vector

AV:N/AC:H/C:P/I:P/A:CExploitability: 4.9 | Impact: 8.5

Affected Packages1 packages

▶NVDstunnel/stunnel4.54+33

🔴Vulnerability Details

GHSA

GHSA-997q-cp6v-cm6w: stunnel 4↗2022-05-17

▶

OSV

CVE-2013-1762: stunnel 4↗2013-03-08

▶

CVEList

CVE-2013-1762: stunnel 4↗2013-03-08

▶

📋Vendor Advisories

Red Hat

Stunnel: buffer overflow vulnerability due to incorrect integer conversion in the NTLM authentication of the CONNECT protocol negotiation↗2013-03-03

▶

Debian

CVE-2013-1762: stunnel4 - stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentica...↗2013

▶

💬Community

Bugzilla

CVE-2013-4452 JBoss ON: World readable configuration files expose sensitive data↗2013-10-22

▶

Bugzilla

CVE-2013-1762 Stunnel: buffer overflow vulnerability due to incorrect integer conversion in the NTLM authentication of the CONNECT protocol negotiation↗2013-03-04

▶