cvebase

Debian Stunnel4 vulnerabilities

7 known vulnerabilities affecting debian/stunnel4.

Total CVEs: 7
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 1, MEDIUM 3, LOW 2

Vulnerabilities

CVE-2011-2940 | P3 | CRITICAL | CVSS 9.3 | fixed in stunnel4 3:4.42-1 (bookworm) | 2011 | debian
[CRITICAL] stunnel 4.40 and 4.41 might allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Scope: local
bookworm: resolved (fixed in 3:4.42-1); bullseye: resolved (fixed in 3:4.42-1); forky: resolved (fixed in 3:4.42-1); sid: resolved (fixed in 3:4.42-1); trixie: resolved (fixed in 3:4.42-1)

CVE-2021-20230 | P3 | HIGH | CVSS 7.5 | fixed in stunnel4 3:5.56+dfsg-8 (bookworm) | 2021 | debian
[HIGH] A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to access the tunneled service instead of being redirected to the addres

CVE-2013-1762 | P3 | MEDIUM | CVSS 6.6 | fixed in stunnel4 3:4.53-1.1 (bookworm) | 2013 | debian
[MEDIUM] stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.
Scope: local
bookworm: resolved (fixed in 3:4.53-1.1); bullseye: resolved (fixed in 3:4.53-1.1); forky: resol

CVE-2008-2420 | P3 | LOW | CVSS 6.8 | fixed in stunnel4 3:4.22-1.1 (bookworm) | 2008 | debian
[MEDIUM] The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.
Scope: local
bookworm: resolved (fixed in 3:4.22-1.1); bullseye: resolved (fixed in 3:4.22-1.1); forky: resolved (fixed in 3:4.22-1.1); sid: resolved (fixed in 3:4

CVE-2015-3644 | P3 | MEDIUM | CVSS 5.8 | fixed in stunnel4 3:5.18-1 (bookworm) | 2015 | debian
[MEDIUM] Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.
Scope: local
bookworm: resolved (fixed in 3:5.18-1); bullseye: resolved (fixed in 3:5.18-1); forky: resolved (fixed in 3:5.18-1); sid: resolved (fixed in 3:5.18-1); t

CVE-2003-0740 | P4 | MEDIUM | CVSS 4.6 | PoC | fixed in stunnel4 2:4.04 (bookworm) | 2003 | debian
[MEDIUM] Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.
Scope: local
bookworm: resolved (fixed in 2:4.04); bullseye: resolved (fixed in 2:4.04); forky: resolved (fixed in 2:4.04); sid: resolved (fixed in 2:4.04); trixie: resolved (fixed in 2:4.04)

CVE-2002-1563 | P4 | LOW | CVSS 1.2 | fixed in stunnel4 4.04-1 (bookworm) | 2002 | debian
[LOW] stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter.
Scope: local
bookworm: resolved (fixed in 4.04-1); bullseye: resolved (fixed in 4.04-1); forky: resolved (fixed in 4.04-1); sid: resolved (fixed in 4.04-1); trixie: resolved (fixed in 4.04-1)