Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2013-1762 (GCVE-0-2013-1762)
Vulnerability from cvelistv5 – Published: 2013-03-08 18:00 – Updated: 2024-08-06 15:13
VLAI?
EPSS
Summary
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:13:32.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2013:130",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:130"
},
{
"name": "RHSA-2013:0714",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0714.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.stunnel.org/CVE-2013-1762.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097"
},
{
"name": "DSA-2664",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2664"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-13T12:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDVSA-2013:130",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:130"
},
{
"name": "RHSA-2013:0714",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0714.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.stunnel.org/CVE-2013-1762.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097"
},
{
"name": "DSA-2664",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2664"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2013:130",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:130"
},
{
"name": "RHSA-2013:0714",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0714.html"
},
{
"name": "https://www.stunnel.org/CVE-2013-1762.html",
"refsource": "CONFIRM",
"url": "https://www.stunnel.org/CVE-2013-1762.html"
},
{
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097",
"refsource": "CONFIRM",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097"
},
{
"name": "DSA-2664",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2664"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1762",
"datePublished": "2013-03-08T18:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:13:32.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.54\", \"matchCriteriaId\": \"9C661630-13C3-449F-9E37-F378EB55A03B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B07502AA-E3E7-4143-B194-7C366CEA4A28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97C554E8-62F4-4C73-821D-AB93D8EE841C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"061A0C84-B26C-4ED6-9771-8B7D29DB7053\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2ECB4F8-B623-4917-8420-E1DE6D9E514D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A415AEFB-16B5-47EA-BFFC-D8494AEAA4D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9928C1C1-B335-4076-80A7-D929A873D01F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE6DEA2E-6475-4344-A8F0-34E5061B1C74\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A67FCF70-990C-45DE-9690-A3D3505C8E57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91E0D2BB-59DC-40FA-83CD-1A49B79E1F6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B04C76FA-732D-49D9-8CB6-D0C955E9127D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BF686D0-3132-4371-9EF5-0E6F299BC98F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13C7E3B7-437A-4096-A5A1-B40271E6A6FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E0EE85B-15FA-433F-92EB-8CDB07ED2790\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4A3287D-3B8E-42C3-869D-E73A11289762\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"349AD1F9-315C-4D36-9809-E58F5044D02D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"69864FF1-8B29-446C-8B5A-160138039C7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67B11EF6-C895-410B-AFA2-8E7B349F9571\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.38:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"23893E68-A34A-4CBD-B0A5-A41BF346D4BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F691D200-26B8-41AC-8123-78A853DFEAF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.40:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8E83FE3-B2C1-4DDB-8BD4-48A1DCD25496\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.41:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F82A3BF-F540-4C6B-846F-4E614849EDC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.42:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C88D6AE-BE42-4E3A-9B95-A9E5A3C7ED11\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.43:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F9E334EF-1A35-4028-8B60-CA6A6890E490\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.44:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73DF6D41-9CD0-4038-9571-C76B73B4E225\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.45:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C89A59C-F6F3-4F2F-AA8A-86E8B259245D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.46:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67AF1A8D-9C55-4488-9E03-F0D824912BC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.47:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"969EC7D0-FB81-42FB-8089-E5EC1D107F18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.48:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F66E4DD8-8D15-4DC1-BADD-B6BB6697313E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.49:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4015B215-4FFA-423E-A7E2-7F43ADEBA326\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.50:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"84826AED-EEA7-4527-9A8E-258641B5C637\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.51:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9189ECAB-E192-476B-87E1-339AF9BFA4F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.52:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3889099-4FEC-4133-9E7D-A8E529DE939A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.53:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F208151-3577-479E-B554-C94708D3D727\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.\"}, {\"lang\": \"es\", \"value\": \"stunnel v4.21 a v4.54, cuando el protocolo de negociaci\\u00f3n CONNECT y la autenticaci\\u00f3n NTLM est\\u00e1n habilitadas, no realiza la conversi\\u00f3n de enteros correctamente, lo que permite ejecutar c\\u00f3digo de su elecci\\u00f3n a servidores remotos proxy a trav\\u00e9s de una solicitud hecha a mano que dispara un desbordamiento de b\\u00fafer.\\r\\n\"}]",
"id": "CVE-2013-1762",
"lastModified": "2024-11-21T01:50:20.090",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:N/C:P/I:P/A:C\", \"baseScore\": 6.6, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 4.9, \"impactScore\": 8.5, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2013-03-08T18:55:01.743",
"references": "[{\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-0714.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2013/dsa-2664\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2013:130\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.stunnel.org/CVE-2013-1762.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-0714.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2013/dsa-2664\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2013:130\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.stunnel.org/CVE-2013-1762.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2013-1762\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2013-03-08T18:55:01.743\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.\"},{\"lang\":\"es\",\"value\":\"stunnel v4.21 a v4.54, cuando el protocolo de negociaci\u00f3n CONNECT y la autenticaci\u00f3n NTLM est\u00e1n habilitadas, no realiza la conversi\u00f3n de enteros correctamente, lo que permite ejecutar c\u00f3digo de su elecci\u00f3n a servidores remotos proxy a trav\u00e9s de una solicitud hecha a mano que dispara un desbordamiento de b\u00fafer.\\r\\n\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:P/A:C\",\"baseScore\":6.6,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":4.9,\"impactScore\":8.5,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.54\",\"matchCriteriaId\":\"9C661630-13C3-449F-9E37-F378EB55A03B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B07502AA-E3E7-4143-B194-7C366CEA4A28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97C554E8-62F4-4C73-821D-AB93D8EE841C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"061A0C84-B26C-4ED6-9771-8B7D29DB7053\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2ECB4F8-B623-4917-8420-E1DE6D9E514D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A415AEFB-16B5-47EA-BFFC-D8494AEAA4D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9928C1C1-B335-4076-80A7-D929A873D01F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE6DEA2E-6475-4344-A8F0-34E5061B1C74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A67FCF70-990C-45DE-9690-A3D3505C8E57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91E0D2BB-59DC-40FA-83CD-1A49B79E1F6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B04C76FA-732D-49D9-8CB6-D0C955E9127D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BF686D0-3132-4371-9EF5-0E6F299BC98F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13C7E3B7-437A-4096-A5A1-B40271E6A6FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E0EE85B-15FA-433F-92EB-8CDB07ED2790\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4A3287D-3B8E-42C3-869D-E73A11289762\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"349AD1F9-315C-4D36-9809-E58F5044D02D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69864FF1-8B29-446C-8B5A-160138039C7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67B11EF6-C895-410B-AFA2-8E7B349F9571\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23893E68-A34A-4CBD-B0A5-A41BF346D4BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F691D200-26B8-41AC-8123-78A853DFEAF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8E83FE3-B2C1-4DDB-8BD4-48A1DCD25496\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F82A3BF-F540-4C6B-846F-4E614849EDC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C88D6AE-BE42-4E3A-9B95-A9E5A3C7ED11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9E334EF-1A35-4028-8B60-CA6A6890E490\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.44:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73DF6D41-9CD0-4038-9571-C76B73B4E225\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C89A59C-F6F3-4F2F-AA8A-86E8B259245D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67AF1A8D-9C55-4488-9E03-F0D824912BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"969EC7D0-FB81-42FB-8089-E5EC1D107F18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F66E4DD8-8D15-4DC1-BADD-B6BB6697313E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4015B215-4FFA-423E-A7E2-7F43ADEBA326\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84826AED-EEA7-4527-9A8E-258641B5C637\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.51:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9189ECAB-E192-476B-87E1-339AF9BFA4F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3889099-4FEC-4133-9E7D-A8E529DE939A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F208151-3577-479E-B554-C94708D3D727\"}]}]}],\"references\":[{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0714.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2664\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:130\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.stunnel.org/CVE-2013-1762.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0714.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2664\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:130\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.stunnel.org/CVE-2013-1762.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
RHSA-2013_0714
Vulnerability from csaf_redhat - Published: 2013-04-08 17:43 - Updated: 2024-11-22 06:23Summary
Red Hat Security Advisory: stunnel security update
Notes
Topic
An updated stunnel package that fixes one security issue is now available
for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Details
stunnel is a socket wrapper which can provide SSL (Secure Sockets Layer)
support to ordinary applications. For example, it can be used in
conjunction with imapd to create an SSL-secure IMAP server.
An integer conversion issue was found in stunnel when using Microsoft NT
LAN Manager (NTLM) authentication with the HTTP CONNECT tunneling method.
With this configuration, and using stunnel in SSL client mode on a 64-bit
system, an attacker could possibly execute arbitrary code with the
privileges of the stunnel process via a man-in-the-middle attack or by
tricking a user into using a malicious proxy. (CVE-2013-1762)
All stunnel users should upgrade to this updated package, which contains a
backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated stunnel package that fixes one security issue is now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
"title": "Topic"
},
{
"category": "general",
"text": "stunnel is a socket wrapper which can provide SSL (Secure Sockets Layer)\nsupport to ordinary applications. For example, it can be used in\nconjunction with imapd to create an SSL-secure IMAP server.\n\nAn integer conversion issue was found in stunnel when using Microsoft NT\nLAN Manager (NTLM) authentication with the HTTP CONNECT tunneling method.\nWith this configuration, and using stunnel in SSL client mode on a 64-bit\nsystem, an attacker could possibly execute arbitrary code with the\nprivileges of the stunnel process via a man-in-the-middle attack or by\ntricking a user into using a malicious proxy. (CVE-2013-1762)\n\nAll stunnel users should upgrade to this updated package, which contains a\nbackported patch to correct this issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:0714",
"url": "https://access.redhat.com/errata/RHSA-2013:0714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://www.stunnel.org/CVE-2013-1762.html",
"url": "https://www.stunnel.org/CVE-2013-1762.html"
},
{
"category": "external",
"summary": "917839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=917839"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0714.json"
}
],
"title": "Red Hat Security Advisory: stunnel security update",
"tracking": {
"current_release_date": "2024-11-22T06:23:32+00:00",
"generator": {
"date": "2024-11-22T06:23:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2013:0714",
"initial_release_date": "2013-04-08T17:43:00+00:00",
"revision_history": [
{
"date": "2013-04-08T17:43:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-04-08T17:48:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T06:23:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-0:4.29-3.el6_4.src",
"product": {
"name": "stunnel-0:4.29-3.el6_4.src",
"product_id": "stunnel-0:4.29-3.el6_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel@4.29-3.el6_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-0:4.29-3.el6_4.x86_64",
"product": {
"name": "stunnel-0:4.29-3.el6_4.x86_64",
"product_id": "stunnel-0:4.29-3.el6_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel@4.29-3.el6_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"product": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"product_id": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel-debuginfo@4.29-3.el6_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-0:4.29-3.el6_4.s390x",
"product": {
"name": "stunnel-0:4.29-3.el6_4.s390x",
"product_id": "stunnel-0:4.29-3.el6_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel@4.29-3.el6_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"product": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"product_id": "stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel-debuginfo@4.29-3.el6_4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-0:4.29-3.el6_4.i686",
"product": {
"name": "stunnel-0:4.29-3.el6_4.i686",
"product_id": "stunnel-0:4.29-3.el6_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel@4.29-3.el6_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "stunnel-debuginfo-0:4.29-3.el6_4.i686",
"product": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.i686",
"product_id": "stunnel-debuginfo-0:4.29-3.el6_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel-debuginfo@4.29-3.el6_4?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-0:4.29-3.el6_4.ppc64",
"product": {
"name": "stunnel-0:4.29-3.el6_4.ppc64",
"product_id": "stunnel-0:4.29-3.el6_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel@4.29-3.el6_4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"product": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"product_id": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel-debuginfo@4.29-3.el6_4?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-0:4.29-3.el6_4.src"
},
"product_reference": "stunnel-0:4.29-3.el6_4.src",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.src"
},
"product_reference": "stunnel-0:4.29-3.el6_4.src",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-0:4.29-3.el6_4.src"
},
"product_reference": "stunnel-0:4.29-3.el6_4.src",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.src"
},
"product_reference": "stunnel-0:4.29-3.el6_4.src",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-6.4.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-1762",
"discovery_date": "2013-03-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "917839"
}
],
"notes": [
{
"category": "description",
"text": "stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Stunnel: buffer overflow vulnerability due to incorrect integer conversion in the NTLM authentication of the CONNECT protocol negotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the version of the stunnel package as shipped with Red Hat Enterprise Linux 5.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1762"
},
{
"category": "external",
"summary": "RHBZ#917839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=917839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1762"
},
{
"category": "external",
"summary": "https://www.stunnel.org/CVE-2013-1762.html",
"url": "https://www.stunnel.org/CVE-2013-1762.html"
}
],
"release_date": "2013-03-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-04-08T17:43:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0714"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Stunnel: buffer overflow vulnerability due to incorrect integer conversion in the NTLM authentication of the CONNECT protocol negotiation"
}
]
}
RHSA-2013:0714
Vulnerability from csaf_redhat - Published: 2013-04-08 17:43 - Updated: 2025-11-21 17:43Summary
Red Hat Security Advisory: stunnel security update
Notes
Topic
An updated stunnel package that fixes one security issue is now available
for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Details
stunnel is a socket wrapper which can provide SSL (Secure Sockets Layer)
support to ordinary applications. For example, it can be used in
conjunction with imapd to create an SSL-secure IMAP server.
An integer conversion issue was found in stunnel when using Microsoft NT
LAN Manager (NTLM) authentication with the HTTP CONNECT tunneling method.
With this configuration, and using stunnel in SSL client mode on a 64-bit
system, an attacker could possibly execute arbitrary code with the
privileges of the stunnel process via a man-in-the-middle attack or by
tricking a user into using a malicious proxy. (CVE-2013-1762)
All stunnel users should upgrade to this updated package, which contains a
backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated stunnel package that fixes one security issue is now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
"title": "Topic"
},
{
"category": "general",
"text": "stunnel is a socket wrapper which can provide SSL (Secure Sockets Layer)\nsupport to ordinary applications. For example, it can be used in\nconjunction with imapd to create an SSL-secure IMAP server.\n\nAn integer conversion issue was found in stunnel when using Microsoft NT\nLAN Manager (NTLM) authentication with the HTTP CONNECT tunneling method.\nWith this configuration, and using stunnel in SSL client mode on a 64-bit\nsystem, an attacker could possibly execute arbitrary code with the\nprivileges of the stunnel process via a man-in-the-middle attack or by\ntricking a user into using a malicious proxy. (CVE-2013-1762)\n\nAll stunnel users should upgrade to this updated package, which contains a\nbackported patch to correct this issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:0714",
"url": "https://access.redhat.com/errata/RHSA-2013:0714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://www.stunnel.org/CVE-2013-1762.html",
"url": "https://www.stunnel.org/CVE-2013-1762.html"
},
{
"category": "external",
"summary": "917839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=917839"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0714.json"
}
],
"title": "Red Hat Security Advisory: stunnel security update",
"tracking": {
"current_release_date": "2025-11-21T17:43:24+00:00",
"generator": {
"date": "2025-11-21T17:43:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2013:0714",
"initial_release_date": "2013-04-08T17:43:00+00:00",
"revision_history": [
{
"date": "2013-04-08T17:43:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-04-08T17:48:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:43:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-0:4.29-3.el6_4.src",
"product": {
"name": "stunnel-0:4.29-3.el6_4.src",
"product_id": "stunnel-0:4.29-3.el6_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel@4.29-3.el6_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-0:4.29-3.el6_4.x86_64",
"product": {
"name": "stunnel-0:4.29-3.el6_4.x86_64",
"product_id": "stunnel-0:4.29-3.el6_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel@4.29-3.el6_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"product": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"product_id": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel-debuginfo@4.29-3.el6_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-0:4.29-3.el6_4.s390x",
"product": {
"name": "stunnel-0:4.29-3.el6_4.s390x",
"product_id": "stunnel-0:4.29-3.el6_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel@4.29-3.el6_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"product": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"product_id": "stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel-debuginfo@4.29-3.el6_4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-0:4.29-3.el6_4.i686",
"product": {
"name": "stunnel-0:4.29-3.el6_4.i686",
"product_id": "stunnel-0:4.29-3.el6_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel@4.29-3.el6_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "stunnel-debuginfo-0:4.29-3.el6_4.i686",
"product": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.i686",
"product_id": "stunnel-debuginfo-0:4.29-3.el6_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel-debuginfo@4.29-3.el6_4?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-0:4.29-3.el6_4.ppc64",
"product": {
"name": "stunnel-0:4.29-3.el6_4.ppc64",
"product_id": "stunnel-0:4.29-3.el6_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel@4.29-3.el6_4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"product": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"product_id": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stunnel-debuginfo@4.29-3.el6_4?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-0:4.29-3.el6_4.src"
},
"product_reference": "stunnel-0:4.29-3.el6_4.src",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.src"
},
"product_reference": "stunnel-0:4.29-3.el6_4.src",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-0:4.29-3.el6_4.src"
},
"product_reference": "stunnel-0:4.29-3.el6_4.src",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.src"
},
"product_reference": "stunnel-0:4.29-3.el6_4.src",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.i686",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64"
},
"product_reference": "stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-6.4.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-1762",
"discovery_date": "2013-03-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "917839"
}
],
"notes": [
{
"category": "description",
"text": "stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Stunnel: buffer overflow vulnerability due to incorrect integer conversion in the NTLM authentication of the CONNECT protocol negotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the version of the stunnel package as shipped with Red Hat Enterprise Linux 5.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1762"
},
{
"category": "external",
"summary": "RHBZ#917839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=917839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1762"
},
{
"category": "external",
"summary": "https://www.stunnel.org/CVE-2013-1762.html",
"url": "https://www.stunnel.org/CVE-2013-1762.html"
}
],
"release_date": "2013-03-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-04-08T17:43:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0714"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Client-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Client-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6ComputeNode-optional-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6ComputeNode-optional-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Server-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Server-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.i686",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.ppc64",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.s390x",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.src",
"6Workstation-6.4.z:stunnel-0:4.29-3.el6_4.x86_64",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.i686",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.ppc64",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.s390x",
"6Workstation-6.4.z:stunnel-debuginfo-0:4.29-3.el6_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Stunnel: buffer overflow vulnerability due to incorrect integer conversion in the NTLM authentication of the CONNECT protocol negotiation"
}
]
}
CERTFR-2018-AVI-184
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | Junos Snapshot Administrator (JSNAPy) versions antérieures à 1.3.0 | ||
| Juniper Networks | N/A | CentOS versions 6.5 antérieures à 2012.2R12 | ||
| Juniper Networks | N/A | Steel-Belted Radius (SBR) Carrier 8.2.0 antérieures à 8.2.0-R18 | ||
| Juniper Networks | N/A | NorthStar Controller versions 3.2.x antérieures à 3.2.1 | ||
| Juniper Networks | N/A | NorthStar Controller versions 3.0.x antérieures à 3.0.1 | ||
| Juniper Networks | N/A | CTPOS versions antérieures à 7.3R4 ou 7.4R1 | ||
| Juniper Networks | N/A | CTPView versions antérieures à 7.3R4 ou 7.4R2 | ||
| Juniper Networks | N/A | Steel-Belted Radius (SBR) Carrier versions 8.3.0.x antérieures à 8.3.0-R11 | ||
| Juniper Networks | N/A | Steel-Belted Radius (SBR) Carrier versions 8.4.1.x antérieures à 8.4.1-R5 | ||
| Juniper Networks | N/A | NSM versions antérieures à 2012.2R14 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D50 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D66 sur QFX10K | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 antérieures à 12.1X46-D76 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 antérieures à 17.1R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1X65 antérieures à 16.1X65-D47 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 antérieures à 17.2R1-S5, 17.2R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D60 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R5-S3, 16.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D90 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 antérieures à 17.2R1-S3, 17.2R2-S1, 17.2R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3 antérieures à 12.3R12-S7, 12.3R13 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D100 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F2-S20, 15.1F6-S10, 15.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 antérieures à 12.1X46-D60 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D60 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D130 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D65 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 antérieures à 17.1R1-S7, 17.1R2-S6, 17.1R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D131, 15.1X49-D140 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D35 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S6, 16.1R5 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1X70 antérieures à 16.1X70-D10 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D66, 15.1X53-D233, 15.1X53-D471 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 antérieures à 14.1X53-D130 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D58 on EX2300/EX3400 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 antérieures à 14.1X53-D47 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 antérieures à 17.1R2-S3, 17.1R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75 antérieures à 17.2X75-D70 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D130 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D233 on QFX5200/QFX5110 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R5 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1R4-S9, 15.1R6-S6, 15.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1 antérieures à 14.1R10, 14.1R9 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 antérieures à 17.1R2-S6, 17.1R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 antérieures à 16.2R1-S6, 16.2R2-S5, 16.2R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D471 on NFX | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 antérieures à 16.2R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D66, 12.3X48-D70 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D59 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D66 sur QFX10 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 antérieures à 16.2R1-S6, 16.2R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S8, 16.1R5 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D55 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.2 antérieures à 14.2R8 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos Snapshot Administrator (JSNAPy) versions ant\u00e9rieures \u00e0 1.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CentOS versions 6.5 ant\u00e9rieures \u00e0 2012.2R12",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Steel-Belted Radius (SBR) Carrier 8.2.0 ant\u00e9rieures \u00e0 8.2.0-R18",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "NorthStar Controller versions 3.2.x ant\u00e9rieures \u00e0 3.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "NorthStar Controller versions 3.0.x ant\u00e9rieures \u00e0 3.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "CTPOS versions ant\u00e9rieures \u00e0 7.3R4 ou 7.4R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "CTPView versions ant\u00e9rieures \u00e0 7.3R4 ou 7.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Steel-Belted Radius (SBR) Carrier versions 8.3.0.x ant\u00e9rieures \u00e0 8.3.0-R11",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Steel-Belted Radius (SBR) Carrier versions 8.4.1.x ant\u00e9rieures \u00e0 8.4.1-R5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "NSM versions ant\u00e9rieures \u00e0 2012.2R14",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D50",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66 sur QFX10K",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D76",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1X65 ant\u00e9rieures \u00e0 16.1X65-D47",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 ant\u00e9rieures \u00e0 17.2R1-S5, 17.2R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D60 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5-S3, 16.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D90",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 ant\u00e9rieures \u00e0 17.2R1-S3, 17.2R2-S1, 17.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3 ant\u00e9rieures \u00e0 12.3R12-S7, 12.3R13",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D100",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S20, 15.1F6-S10, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D60 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D60",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D130 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D65",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R1-S7, 17.1R2-S6, 17.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D131, 15.1X49-D140",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D35 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S6, 16.1R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1X70 ant\u00e9rieures \u00e0 16.1X70-D10",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66, 15.1X53-D233, 15.1X53-D471",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D130",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D58 on EX2300/EX3400",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D47",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S3, 17.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75 ant\u00e9rieures \u00e0 17.2X75-D70",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D130",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D233 on QFX5200/QFX5110",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1R4-S9, 15.1R6-S6, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1 ant\u00e9rieures \u00e0 14.1R10, 14.1R9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S6, 17.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R1-S6, 16.2R2-S5, 16.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D471 on NFX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D66, 12.3X48-D70",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D59",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66 sur QFX10",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R1-S6, 16.2R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S8, 16.1R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D55",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-8767",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8767"
},
{
"name": "CVE-2018-0020",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0020"
},
{
"name": "CVE-2016-5829",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5829"
},
{
"name": "CVE-2016-0701",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0701"
},
{
"name": "CVE-2015-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8324"
},
{
"name": "CVE-2018-0017",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0017"
},
{
"name": "CVE-2013-4312",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4312"
},
{
"name": "CVE-2018-0021",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0021"
},
{
"name": "CVE-2015-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5156"
},
{
"name": "CVE-2013-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1762"
},
{
"name": "CVE-2016-4470",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4470"
},
{
"name": "CVE-2017-1000385",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000385"
},
{
"name": "CVE-2017-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
},
{
"name": "CVE-2018-0016",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0016"
},
{
"name": "CVE-2016-1583",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1583"
},
{
"name": "CVE-2014-7842",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7842"
},
{
"name": "CVE-2015-3644",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3644"
},
{
"name": "CVE-2016-2550",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2550"
},
{
"name": "CVE-2016-5696",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5696"
},
{
"name": "CVE-2015-2925",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2925"
},
{
"name": "CVE-2018-0019",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0019"
},
{
"name": "CVE-2016-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4565"
},
{
"name": "CVE-2018-0022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0022"
},
{
"name": "CVE-2014-0016",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0016"
},
{
"name": "CVE-2016-0774",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0774"
},
{
"name": "CVE-2015-7550",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7550"
},
{
"name": "CVE-2014-8134",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8134"
},
{
"name": "CVE-2015-8104",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8104"
},
{
"name": "CVE-2017-3732",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3732"
},
{
"name": "CVE-2017-3736",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3736"
},
{
"name": "CVE-2015-2080",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2080"
},
{
"name": "CVE-2017-3735",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3735"
},
{
"name": "CVE-2015-8543",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8543"
},
{
"name": "CVE-2015-3193",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3193"
},
{
"name": "CVE-2017-3738",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3738"
},
{
"name": "CVE-2015-7613",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7613"
},
{
"name": "CVE-2015-5157",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5157"
},
{
"name": "CVE-2008-2420",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2420"
},
{
"name": "CVE-2008-2400",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2400"
},
{
"name": "CVE-2018-0018",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0018"
},
{
"name": "CVE-2015-1805",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1805"
},
{
"name": "CVE-2018-0023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0023"
},
{
"name": "CVE-2010-5313",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-5313"
},
{
"name": "CVE-2015-7872",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7872"
},
{
"name": "CVE-2015-5307",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5307"
},
{
"name": "CVE-2016-2143",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2143"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-184",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-04-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10852 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10852\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10847 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10847\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10845 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10845\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10850 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10850\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10855 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10855\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10844 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10844\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10846 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10846\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10851 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10851\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10856 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10856\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10849 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10849\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10853 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10853\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10854 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10854\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10848 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10848\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CERTFR-2018-AVI-184
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | Junos Snapshot Administrator (JSNAPy) versions antérieures à 1.3.0 | ||
| Juniper Networks | N/A | CentOS versions 6.5 antérieures à 2012.2R12 | ||
| Juniper Networks | N/A | Steel-Belted Radius (SBR) Carrier 8.2.0 antérieures à 8.2.0-R18 | ||
| Juniper Networks | N/A | NorthStar Controller versions 3.2.x antérieures à 3.2.1 | ||
| Juniper Networks | N/A | NorthStar Controller versions 3.0.x antérieures à 3.0.1 | ||
| Juniper Networks | N/A | CTPOS versions antérieures à 7.3R4 ou 7.4R1 | ||
| Juniper Networks | N/A | CTPView versions antérieures à 7.3R4 ou 7.4R2 | ||
| Juniper Networks | N/A | Steel-Belted Radius (SBR) Carrier versions 8.3.0.x antérieures à 8.3.0-R11 | ||
| Juniper Networks | N/A | Steel-Belted Radius (SBR) Carrier versions 8.4.1.x antérieures à 8.4.1-R5 | ||
| Juniper Networks | N/A | NSM versions antérieures à 2012.2R14 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D50 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D66 sur QFX10K | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 antérieures à 12.1X46-D76 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 antérieures à 17.1R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1X65 antérieures à 16.1X65-D47 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 antérieures à 17.2R1-S5, 17.2R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D60 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R5-S3, 16.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D90 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 antérieures à 17.2R1-S3, 17.2R2-S1, 17.2R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3 antérieures à 12.3R12-S7, 12.3R13 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D100 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F2-S20, 15.1F6-S10, 15.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 antérieures à 12.1X46-D60 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D60 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D130 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D65 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 antérieures à 17.1R1-S7, 17.1R2-S6, 17.1R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D131, 15.1X49-D140 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D35 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S6, 16.1R5 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1X70 antérieures à 16.1X70-D10 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D66, 15.1X53-D233, 15.1X53-D471 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 antérieures à 14.1X53-D130 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D58 on EX2300/EX3400 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 antérieures à 14.1X53-D47 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 antérieures à 17.1R2-S3, 17.1R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75 antérieures à 17.2X75-D70 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D130 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D233 on QFX5200/QFX5110 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R5 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1R4-S9, 15.1R6-S6, 15.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1 antérieures à 14.1R10, 14.1R9 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 antérieures à 17.1R2-S6, 17.1R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 antérieures à 16.2R1-S6, 16.2R2-S5, 16.2R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D471 on NFX | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 antérieures à 16.2R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D66, 12.3X48-D70 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D59 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D66 sur QFX10 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 antérieures à 16.2R1-S6, 16.2R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S8, 16.1R5 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D55 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.2 antérieures à 14.2R8 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos Snapshot Administrator (JSNAPy) versions ant\u00e9rieures \u00e0 1.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CentOS versions 6.5 ant\u00e9rieures \u00e0 2012.2R12",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Steel-Belted Radius (SBR) Carrier 8.2.0 ant\u00e9rieures \u00e0 8.2.0-R18",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "NorthStar Controller versions 3.2.x ant\u00e9rieures \u00e0 3.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "NorthStar Controller versions 3.0.x ant\u00e9rieures \u00e0 3.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "CTPOS versions ant\u00e9rieures \u00e0 7.3R4 ou 7.4R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "CTPView versions ant\u00e9rieures \u00e0 7.3R4 ou 7.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Steel-Belted Radius (SBR) Carrier versions 8.3.0.x ant\u00e9rieures \u00e0 8.3.0-R11",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Steel-Belted Radius (SBR) Carrier versions 8.4.1.x ant\u00e9rieures \u00e0 8.4.1-R5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "NSM versions ant\u00e9rieures \u00e0 2012.2R14",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D50",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66 sur QFX10K",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D76",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1X65 ant\u00e9rieures \u00e0 16.1X65-D47",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 ant\u00e9rieures \u00e0 17.2R1-S5, 17.2R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D60 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5-S3, 16.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D90",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 ant\u00e9rieures \u00e0 17.2R1-S3, 17.2R2-S1, 17.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3 ant\u00e9rieures \u00e0 12.3R12-S7, 12.3R13",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D100",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S20, 15.1F6-S10, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D60 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D60",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D130 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D65",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R1-S7, 17.1R2-S6, 17.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D131, 15.1X49-D140",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D35 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S6, 16.1R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1X70 ant\u00e9rieures \u00e0 16.1X70-D10",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66, 15.1X53-D233, 15.1X53-D471",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D130",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D58 on EX2300/EX3400",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D47",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S3, 17.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75 ant\u00e9rieures \u00e0 17.2X75-D70",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D130",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D233 on QFX5200/QFX5110",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1R4-S9, 15.1R6-S6, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1 ant\u00e9rieures \u00e0 14.1R10, 14.1R9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S6, 17.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R1-S6, 16.2R2-S5, 16.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D471 on NFX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D66, 12.3X48-D70",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D59",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66 sur QFX10",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R1-S6, 16.2R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S8, 16.1R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D55",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-8767",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8767"
},
{
"name": "CVE-2018-0020",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0020"
},
{
"name": "CVE-2016-5829",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5829"
},
{
"name": "CVE-2016-0701",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0701"
},
{
"name": "CVE-2015-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8324"
},
{
"name": "CVE-2018-0017",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0017"
},
{
"name": "CVE-2013-4312",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4312"
},
{
"name": "CVE-2018-0021",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0021"
},
{
"name": "CVE-2015-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5156"
},
{
"name": "CVE-2013-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1762"
},
{
"name": "CVE-2016-4470",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4470"
},
{
"name": "CVE-2017-1000385",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000385"
},
{
"name": "CVE-2017-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
},
{
"name": "CVE-2018-0016",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0016"
},
{
"name": "CVE-2016-1583",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1583"
},
{
"name": "CVE-2014-7842",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7842"
},
{
"name": "CVE-2015-3644",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3644"
},
{
"name": "CVE-2016-2550",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2550"
},
{
"name": "CVE-2016-5696",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5696"
},
{
"name": "CVE-2015-2925",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2925"
},
{
"name": "CVE-2018-0019",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0019"
},
{
"name": "CVE-2016-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4565"
},
{
"name": "CVE-2018-0022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0022"
},
{
"name": "CVE-2014-0016",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0016"
},
{
"name": "CVE-2016-0774",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0774"
},
{
"name": "CVE-2015-7550",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7550"
},
{
"name": "CVE-2014-8134",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8134"
},
{
"name": "CVE-2015-8104",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8104"
},
{
"name": "CVE-2017-3732",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3732"
},
{
"name": "CVE-2017-3736",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3736"
},
{
"name": "CVE-2015-2080",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2080"
},
{
"name": "CVE-2017-3735",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3735"
},
{
"name": "CVE-2015-8543",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8543"
},
{
"name": "CVE-2015-3193",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3193"
},
{
"name": "CVE-2017-3738",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3738"
},
{
"name": "CVE-2015-7613",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7613"
},
{
"name": "CVE-2015-5157",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5157"
},
{
"name": "CVE-2008-2420",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2420"
},
{
"name": "CVE-2008-2400",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2400"
},
{
"name": "CVE-2018-0018",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0018"
},
{
"name": "CVE-2015-1805",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1805"
},
{
"name": "CVE-2018-0023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0023"
},
{
"name": "CVE-2010-5313",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-5313"
},
{
"name": "CVE-2015-7872",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7872"
},
{
"name": "CVE-2015-5307",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5307"
},
{
"name": "CVE-2016-2143",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2143"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-184",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-04-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10852 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10852\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10847 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10847\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10845 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10845\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10850 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10850\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10855 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10855\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10844 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10844\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10846 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10846\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10851 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10851\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10856 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10856\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10849 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10849\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10853 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10853\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10854 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10854\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10848 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10848\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
OPENSUSE-SU-2024:10289-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
stunnel-5.38-1.1 on GA media
Notes
Title of the patch
stunnel-5.38-1.1 on GA media
Description of the patch
These are all security issues fixed in the stunnel-5.38-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10289
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "stunnel-5.38-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the stunnel-5.38-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10289",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10289-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3864 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-2940 page",
"url": "https://www.suse.com/security/cve/CVE-2011-2940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1762 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0016 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0160 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0160/"
}
],
"title": "stunnel-5.38-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10289-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "stunnel-5.38-1.1.aarch64",
"product": {
"name": "stunnel-5.38-1.1.aarch64",
"product_id": "stunnel-5.38-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "stunnel-doc-5.38-1.1.aarch64",
"product": {
"name": "stunnel-doc-5.38-1.1.aarch64",
"product_id": "stunnel-doc-5.38-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-5.38-1.1.ppc64le",
"product": {
"name": "stunnel-5.38-1.1.ppc64le",
"product_id": "stunnel-5.38-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "stunnel-doc-5.38-1.1.ppc64le",
"product": {
"name": "stunnel-doc-5.38-1.1.ppc64le",
"product_id": "stunnel-doc-5.38-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-5.38-1.1.s390x",
"product": {
"name": "stunnel-5.38-1.1.s390x",
"product_id": "stunnel-5.38-1.1.s390x"
}
},
{
"category": "product_version",
"name": "stunnel-doc-5.38-1.1.s390x",
"product": {
"name": "stunnel-doc-5.38-1.1.s390x",
"product_id": "stunnel-doc-5.38-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-5.38-1.1.x86_64",
"product": {
"name": "stunnel-5.38-1.1.x86_64",
"product_id": "stunnel-5.38-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "stunnel-doc-5.38-1.1.x86_64",
"product": {
"name": "stunnel-doc-5.38-1.1.x86_64",
"product_id": "stunnel-doc-5.38-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-5.38-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-5.38-1.1.aarch64"
},
"product_reference": "stunnel-5.38-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-5.38-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-5.38-1.1.ppc64le"
},
"product_reference": "stunnel-5.38-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-5.38-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-5.38-1.1.s390x"
},
"product_reference": "stunnel-5.38-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-5.38-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-5.38-1.1.x86_64"
},
"product_reference": "stunnel-5.38-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-doc-5.38-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-doc-5.38-1.1.aarch64"
},
"product_reference": "stunnel-doc-5.38-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-doc-5.38-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-doc-5.38-1.1.ppc64le"
},
"product_reference": "stunnel-doc-5.38-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-doc-5.38-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-doc-5.38-1.1.s390x"
},
"product_reference": "stunnel-doc-5.38-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-doc-5.38-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-doc-5.38-1.1.x86_64"
},
"product_reference": "stunnel-doc-5.38-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2010-3864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3864"
}
],
"notes": [
{
"category": "general",
"text": "Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:stunnel-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-5.38-1.1.x86_64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3864",
"url": "https://www.suse.com/security/cve/CVE-2010-3864"
},
{
"category": "external",
"summary": "SUSE Bug 629905 for CVE-2010-3864",
"url": "https://bugzilla.suse.com/629905"
},
{
"category": "external",
"summary": "SUSE Bug 651003 for CVE-2010-3864",
"url": "https://bugzilla.suse.com/651003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:stunnel-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-5.38-1.1.x86_64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2010-3864"
},
{
"cve": "CVE-2011-2940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-2940"
}
],
"notes": [
{
"category": "general",
"text": "stunnel 4.40 and 4.41 might allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:stunnel-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-5.38-1.1.x86_64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-2940",
"url": "https://www.suse.com/security/cve/CVE-2011-2940"
},
{
"category": "external",
"summary": "SUSE Bug 715641 for CVE-2011-2940",
"url": "https://bugzilla.suse.com/715641"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:stunnel-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-5.38-1.1.x86_64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2011-2940"
},
{
"cve": "CVE-2013-1762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1762"
}
],
"notes": [
{
"category": "general",
"text": "stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:stunnel-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-5.38-1.1.x86_64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1762",
"url": "https://www.suse.com/security/cve/CVE-2013-1762"
},
{
"category": "external",
"summary": "SUSE Bug 807440 for CVE-2013-1762",
"url": "https://bugzilla.suse.com/807440"
},
{
"category": "external",
"summary": "SUSE Bug 807450 for CVE-2013-1762",
"url": "https://bugzilla.suse.com/807450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:stunnel-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-5.38-1.1.x86_64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-1762"
},
{
"cve": "CVE-2014-0016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0016"
}
],
"notes": [
{
"category": "general",
"text": "stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote attackers to obtain private keys for EC (ECDSA) or DSA certificates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:stunnel-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-5.38-1.1.x86_64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0016",
"url": "https://www.suse.com/security/cve/CVE-2014-0016"
},
{
"category": "external",
"summary": "SUSE Bug 866278 for CVE-2014-0016",
"url": "https://bugzilla.suse.com/866278"
},
{
"category": "external",
"summary": "SUSE Bug 866286 for CVE-2014-0016",
"url": "https://bugzilla.suse.com/866286"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:stunnel-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-5.38-1.1.x86_64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-0016"
},
{
"cve": "CVE-2014-0160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0160"
}
],
"notes": [
{
"category": "general",
"text": "The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:stunnel-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-5.38-1.1.x86_64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0160",
"url": "https://www.suse.com/security/cve/CVE-2014-0160"
},
{
"category": "external",
"summary": "SUSE Bug 872299 for CVE-2014-0160",
"url": "https://bugzilla.suse.com/872299"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:stunnel-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-5.38-1.1.x86_64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:stunnel-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-5.38-1.1.x86_64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.s390x",
"openSUSE Tumbleweed:stunnel-doc-5.38-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-0160"
}
]
}
FKIE_CVE-2013-1762
Vulnerability from fkie_nvd - Published: 2013-03-08 18:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2013-0714.html | ||
| cve@mitre.org | http://www.debian.org/security/2013/dsa-2664 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2013:130 | ||
| cve@mitre.org | https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097 | ||
| cve@mitre.org | https://www.stunnel.org/CVE-2013-1762.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-0714.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2013/dsa-2664 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:130 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.stunnel.org/CVE-2013-1762.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| stunnel | stunnel | * | |
| stunnel | stunnel | 4.21 | |
| stunnel | stunnel | 4.22 | |
| stunnel | stunnel | 4.23 | |
| stunnel | stunnel | 4.24 | |
| stunnel | stunnel | 4.25 | |
| stunnel | stunnel | 4.26 | |
| stunnel | stunnel | 4.27 | |
| stunnel | stunnel | 4.28 | |
| stunnel | stunnel | 4.29 | |
| stunnel | stunnel | 4.30 | |
| stunnel | stunnel | 4.31 | |
| stunnel | stunnel | 4.32 | |
| stunnel | stunnel | 4.33 | |
| stunnel | stunnel | 4.34 | |
| stunnel | stunnel | 4.35 | |
| stunnel | stunnel | 4.36 | |
| stunnel | stunnel | 4.37 | |
| stunnel | stunnel | 4.38 | |
| stunnel | stunnel | 4.39 | |
| stunnel | stunnel | 4.40 | |
| stunnel | stunnel | 4.41 | |
| stunnel | stunnel | 4.42 | |
| stunnel | stunnel | 4.43 | |
| stunnel | stunnel | 4.44 | |
| stunnel | stunnel | 4.45 | |
| stunnel | stunnel | 4.46 | |
| stunnel | stunnel | 4.47 | |
| stunnel | stunnel | 4.48 | |
| stunnel | stunnel | 4.49 | |
| stunnel | stunnel | 4.50 | |
| stunnel | stunnel | 4.51 | |
| stunnel | stunnel | 4.52 | |
| stunnel | stunnel | 4.53 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:stunnel:stunnel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C661630-13C3-449F-9E37-F378EB55A03B",
"versionEndIncluding": "4.54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "B07502AA-E3E7-4143-B194-7C366CEA4A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "97C554E8-62F4-4C73-821D-AB93D8EE841C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "061A0C84-B26C-4ED6-9771-8B7D29DB7053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "E2ECB4F8-B623-4917-8420-E1DE6D9E514D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "A415AEFB-16B5-47EA-BFFC-D8494AEAA4D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "9928C1C1-B335-4076-80A7-D929A873D01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "CE6DEA2E-6475-4344-A8F0-34E5061B1C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A67FCF70-990C-45DE-9690-A3D3505C8E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.29:*:*:*:*:*:*:*",
"matchCriteriaId": "91E0D2BB-59DC-40FA-83CD-1A49B79E1F6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.30:*:*:*:*:*:*:*",
"matchCriteriaId": "B04C76FA-732D-49D9-8CB6-D0C955E9127D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF686D0-3132-4371-9EF5-0E6F299BC98F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.32:*:*:*:*:*:*:*",
"matchCriteriaId": "13C7E3B7-437A-4096-A5A1-B40271E6A6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.33:*:*:*:*:*:*:*",
"matchCriteriaId": "3E0EE85B-15FA-433F-92EB-8CDB07ED2790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.34:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A3287D-3B8E-42C3-869D-E73A11289762",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.35:*:*:*:*:*:*:*",
"matchCriteriaId": "349AD1F9-315C-4D36-9809-E58F5044D02D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.36:*:*:*:*:*:*:*",
"matchCriteriaId": "69864FF1-8B29-446C-8B5A-160138039C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.37:*:*:*:*:*:*:*",
"matchCriteriaId": "67B11EF6-C895-410B-AFA2-8E7B349F9571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.38:*:*:*:*:*:*:*",
"matchCriteriaId": "23893E68-A34A-4CBD-B0A5-A41BF346D4BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.39:*:*:*:*:*:*:*",
"matchCriteriaId": "F691D200-26B8-41AC-8123-78A853DFEAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.40:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E83FE3-B2C1-4DDB-8BD4-48A1DCD25496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.41:*:*:*:*:*:*:*",
"matchCriteriaId": "7F82A3BF-F540-4C6B-846F-4E614849EDC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.42:*:*:*:*:*:*:*",
"matchCriteriaId": "3C88D6AE-BE42-4E3A-9B95-A9E5A3C7ED11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.43:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E334EF-1A35-4028-8B60-CA6A6890E490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "73DF6D41-9CD0-4038-9571-C76B73B4E225",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.45:*:*:*:*:*:*:*",
"matchCriteriaId": "0C89A59C-F6F3-4F2F-AA8A-86E8B259245D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "67AF1A8D-9C55-4488-9E03-F0D824912BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.47:*:*:*:*:*:*:*",
"matchCriteriaId": "969EC7D0-FB81-42FB-8089-E5EC1D107F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.48:*:*:*:*:*:*:*",
"matchCriteriaId": "F66E4DD8-8D15-4DC1-BADD-B6BB6697313E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.49:*:*:*:*:*:*:*",
"matchCriteriaId": "4015B215-4FFA-423E-A7E2-7F43ADEBA326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.50:*:*:*:*:*:*:*",
"matchCriteriaId": "84826AED-EEA7-4527-9A8E-258641B5C637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "9189ECAB-E192-476B-87E1-339AF9BFA4F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.52:*:*:*:*:*:*:*",
"matchCriteriaId": "C3889099-4FEC-4133-9E7D-A8E529DE939A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0F208151-3577-479E-B554-C94708D3D727",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow."
},
{
"lang": "es",
"value": "stunnel v4.21 a v4.54, cuando el protocolo de negociaci\u00f3n CONNECT y la autenticaci\u00f3n NTLM est\u00e1n habilitadas, no realiza la conversi\u00f3n de enteros correctamente, lo que permite ejecutar c\u00f3digo de su elecci\u00f3n a servidores remotos proxy a trav\u00e9s de una solicitud hecha a mano que dispara un desbordamiento de b\u00fafer.\r\n"
}
],
"id": "CVE-2013-1762",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-03-08T18:55:01.743",
"references": [
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0714.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2013/dsa-2664"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:130"
},
{
"source": "cve@mitre.org",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.stunnel.org/CVE-2013-1762.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0714.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2013/dsa-2664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.stunnel.org/CVE-2013-1762.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-997Q-CP6V-CM6W
Vulnerability from github – Published: 2022-05-17 04:54 – Updated: 2022-05-17 04:54
VLAI?
Details
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.
{
"affected": [],
"aliases": [
"CVE-2013-1762"
],
"database_specific": {
"cwe_ids": [
"CWE-94"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2013-03-08T18:55:00Z",
"severity": "MODERATE"
},
"details": "stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.",
"id": "GHSA-997q-cp6v-cm6w",
"modified": "2022-05-17T04:54:16Z",
"published": "2022-05-17T04:54:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1762"
},
{
"type": "WEB",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097"
},
{
"type": "WEB",
"url": "https://www.stunnel.org/CVE-2013-1762.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0714.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2013/dsa-2664"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:130"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2013-1762
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2013-1762",
"description": "stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.",
"id": "GSD-2013-1762",
"references": [
"https://www.suse.com/security/cve/CVE-2013-1762.html",
"https://www.debian.org/security/2013/dsa-2664",
"https://access.redhat.com/errata/RHSA-2013:0714",
"https://linux.oracle.com/cve/CVE-2013-1762.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2013-1762"
],
"details": "stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.",
"id": "GSD-2013-1762",
"modified": "2023-12-13T01:22:20.527625Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2013:130",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:130"
},
{
"name": "RHSA-2013:0714",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0714.html"
},
{
"name": "https://www.stunnel.org/CVE-2013-1762.html",
"refsource": "CONFIRM",
"url": "https://www.stunnel.org/CVE-2013-1762.html"
},
{
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097",
"refsource": "CONFIRM",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097"
},
{
"name": "DSA-2664",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2664"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.44:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.49:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.45:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.54",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.47:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.48:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1762"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.stunnel.org/CVE-2013-1762.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://www.stunnel.org/CVE-2013-1762.html"
},
{
"name": "RHSA-2013:0714",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0714.html"
},
{
"name": "DSA-2664",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2013/dsa-2664"
},
{
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097",
"refsource": "CONFIRM",
"tags": [],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097"
},
{
"name": "MDVSA-2013:130",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:130"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2014-01-17T05:13Z",
"publishedDate": "2013-03-08T18:55Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…