STunnel Client Negotiation Protocol Format String Vulnerability

Bugtraq ID: 3748
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Dec 22 2001 12:00AM
Updated: Dec 22 2001 12:00AM
Credit: This vulnerability was originally discovered by Matthias Lange <ml@netuse.de>, and announced via Bugtraq by Brian Hatch <bugtraq@ifokr.org> on December 27, 2001.
Vulnerable: Stunnel Stunnel 3.21 c
Stunnel Stunnel 3.21 b
Stunnel Stunnel 3.21 a
Stunnel Stunnel 3.21
Stunnel Stunnel 3.19
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
Stunnel Stunnel 3.18
Stunnel Stunnel 3.17
Stunnel Stunnel 3.16
Stunnel Stunnel 3.15
Stunnel Stunnel 3.20
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
Not Vulnerable: Stunnel Stunnel 3.22
- Conectiva Linux 9.0
- Conectiva Linux 8.0
+ EnGarde Secure Community 2.0
+ EnGarde Secure Community 1.0.1
+ EnGarde Secure Professional 1.5
+ EnGarde Secure Professional 1.2
+ EnGarde Secure Professional 1.1
+ Sun Linux 5.0.7


 

Privacy Statement
Copyright 2010, SecurityFocus