fkie_nvd - fkie_cve-2008-2420

FKIE_CVE-2008-2420

Vulnerability from fkie_nvd - Published: 2008-05-23 15:32 - Updated: 2025-04-09 00:30

Severity ?

Summary

The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/30335	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30425
cve@mitre.org	http://secunia.com/advisories/31438
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200808-08.xml
cve@mitre.org	http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2008:168
cve@mitre.org	http://www.securityfocus.com/bid/29309	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1569/references
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/42528
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30335	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30425
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31438
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200808-08.xml
af854a3a-2127-422b-91ae-364da2661108	http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:168
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29309	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1569/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42528
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html

Impacted products

Vendor	Product	Version
stunnel	stunnel	3.4a
stunnel	stunnel	3.5
stunnel	stunnel	3.6
stunnel	stunnel	3.7
stunnel	stunnel	3.8
stunnel	stunnel	3.8p1
stunnel	stunnel	3.8p2
stunnel	stunnel	3.8p3
stunnel	stunnel	3.8p4
stunnel	stunnel	3.9
stunnel	stunnel	3.10
stunnel	stunnel	3.11
stunnel	stunnel	3.12
stunnel	stunnel	3.13
stunnel	stunnel	3.14
stunnel	stunnel	3.15
stunnel	stunnel	3.16
stunnel	stunnel	3.17
stunnel	stunnel	3.18
stunnel	stunnel	3.19
stunnel	stunnel	3.20
stunnel	stunnel	3.21
stunnel	stunnel	3.21a
stunnel	stunnel	3.21b
stunnel	stunnel	3.21c
stunnel	stunnel	3.22
stunnel	stunnel	3.23
stunnel	stunnel	3.24
stunnel	stunnel	3.25
stunnel	stunnel	3.26
stunnel	stunnel	4.00
stunnel	stunnel	4.01
stunnel	stunnel	4.02
stunnel	stunnel	4.03
stunnel	stunnel	4.04
stunnel	stunnel	4.05
stunnel	stunnel	4.06
stunnel	stunnel	4.07
stunnel	stunnel	4.08
stunnel	stunnel	4.09
stunnel	stunnel	4.10
stunnel	stunnel	4.11
stunnel	stunnel	4.12
stunnel	stunnel	4.13
stunnel	stunnel	4.14
stunnel	stunnel	4.15
stunnel	stunnel	4.16
stunnel	stunnel	4.17
stunnel	stunnel	4.18
stunnel	stunnel	4.19
stunnel	stunnel	4.20
stunnel	stunnel	4.21
stunnel	stunnel	4.22
stunnel	stunnel	4.23

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D009335-E83C-4B35-ADB0-CBD6B82C0EA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F4B0933-7D3A-43C9-9E42-FF5DAE94EDEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F317B556-717B-46B9-A81E-63FC61723B72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "400FE849-D547-44DE-B06F-5B68E5B20E07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4AEA6DC-1A98-433F-B916-597395D5914A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB24165B-92FD-48BA-94C3-87A922DDC6E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B04F4BE4-34DE-4B8A-A1F1-32D12D33A5AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A04CF19D-9C30-4433-A5E2-F3949479BE36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B256301B-9C6A-4BA6-8318-675C0EF4C316",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC33DAEE-8F51-404F-B5C4-B8A30B467E94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FCDC66D-3BF5-4763-8877-38B0D3326E62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "75772E28-BD93-4981-96FA-CDF41DAF65AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "2415230E-4F66-4DDE-9E34-F685E8F4085A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "5121749D-3E19-4A9B-8C2D-84420A4E289B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E14DE44-69E6-4D0E-AD06-A829AFCDE528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D5B202D-D93D-4E33-BC9F-DA44B727C0B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC62D42-832D-4E6E-93D9-E7BA0CBC7799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D49F98-9A24-464A-8695-58218C14B3DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADFFE78D-90EC-46C6-B215-2EADD9E0D146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "6132108C-C344-4ABC-AF40-1925830A6723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*",
              "matchCriteriaId": "8362D330-E286-4534-8560-B4B38E21767F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0496D60-BE45-45FF-B360-60E59443DB96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA2EA0D4-05B6-4500-9374-74BBDAB6001F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16BDA03-BFAB-4839-A83A-370865928225",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDC6F568-DB15-40BD-906B-A4ED4804C40A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB5A2E06-A98E-409C-9A90-460AF4CCF101",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DF66986-248A-4EE8-B60F-182C774A4066",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB8991F3-A5F5-41EE-8809-31E09BAC4DCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD371A76-9729-487E-AA15-775FFEBE3473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7B30722-13DD-41C5-9CFA-0719B351CF46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "722BA04D-BA9B-427C-B129-06EFEC3F2859",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "2891FF7D-E62E-47F4-8873-1E4066247348",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A129110-60C1-46FC-9817-6E3802ADB389",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF52167B-1109-4E02-A02F-17465F4C47FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:*",
              "matchCriteriaId": "61536049-1C52-42E2-96DC-E5FF88BCC850",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE0EE4B5-C9D3-4DF1-B7B7-377B281FA313",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:*",
              "matchCriteriaId": "2811F3BC-03F8-4781-8D01-BAAE1BDE8895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:*",
              "matchCriteriaId": "82C4D865-9641-4E28-935C-BDCBDB9C2CEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BF1DADF-BD26-41CF-BFA3-3C2928CDF9F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "75CF8185-A8FC-4EEE-B937-34924834AB43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1561B7D-78BC-4910-85F4-113E84B97B3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "63DDF225-57D2-40E5-9BCA-672FBB3E2A6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "04043E99-5F67-4FE9-89FC-695B981FBD5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD11753B-1993-4DE5-B172-AF4839B5620E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "711059F5-ACB3-4D2A-931F-BA1C4422FC8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DDB6C42-0837-462B-BE2B-11A81B43C590",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EEAAF27-156A-40FF-ADBF-79D851E744AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB202677-DDC6-42D1-9A90-CD4A79198553",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2C3EF02-B456-4506-94E8-5C41CB4FF69B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "B07502AA-E3E7-4143-B194-7C366CEA4A28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C554E8-62F4-4C73-821D-AB93D8EE841C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "061A0C84-B26C-4ED6-9771-8B7D29DB7053",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad en la funcionalidad OCSP en stunnel anteriores a 4.24 no busca de forma adecuada la lista de revocaci\u00f3n de certificado (CRL), que permite a atacantes remotos intentar saltarse las restricciones de acceso utilizando certificados revocados.\r\n"
    }
  ],
  "id": "CVE-2008-2420",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-05-23T15:32:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30335"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/30425"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31438"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29309"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1569/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30335"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31438"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29309"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1569/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. OCSP protocol support was only implemented in upstream stunnel version 4.16.  Therefore OCSP protocol is not available in the versions of stunnel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.\n\n",
      "lastModified": "2008-05-26T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2008-2420 (GCVE-0-2008-2420)

Vulnerability from cvelistv5 – Published: 2008-05-23 15:00 – Updated: 2024-08-07 08:58

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://secunia.com/advisories/30425	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://www.vupen.com/english/advisories/2008/1569…	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/30335	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/31438	third-party-advisoryx_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://stunnel.mirt.net/pipermail/stunnel-announc…	mailing-listx_refsource_MLIST
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://security.gentoo.org/glsa/glsa-200808-08.xml	vendor-advisoryx_refsource_GENTOO
	http://www.securityfocus.com/bid/29309	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:58:02.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "30425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30425"
          },
          {
            "name": "stunnel-ocsp-security-bypass(42528)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528"
          },
          {
            "name": "FEDORA-2008-4606",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html"
          },
          {
            "name": "ADV-2008-1569",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1569/references"
          },
          {
            "name": "30335",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30335"
          },
          {
            "name": "31438",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31438"
          },
          {
            "name": "FEDORA-2008-4531",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html"
          },
          {
            "name": "MDVSA-2008:168",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168"
          },
          {
            "name": "[stunnel-announce] 20080519 stunnel 4.24 released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html"
          },
          {
            "name": "FEDORA-2008-4579",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html"
          },
          {
            "name": "GLSA-200808-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml"
          },
          {
            "name": "29309",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29309"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-05-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "30425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30425"
        },
        {
          "name": "stunnel-ocsp-security-bypass(42528)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528"
        },
        {
          "name": "FEDORA-2008-4606",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html"
        },
        {
          "name": "ADV-2008-1569",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1569/references"
        },
        {
          "name": "30335",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30335"
        },
        {
          "name": "31438",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31438"
        },
        {
          "name": "FEDORA-2008-4531",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html"
        },
        {
          "name": "MDVSA-2008:168",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168"
        },
        {
          "name": "[stunnel-announce] 20080519 stunnel 4.24 released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html"
        },
        {
          "name": "FEDORA-2008-4579",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html"
        },
        {
          "name": "GLSA-200808-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml"
        },
        {
          "name": "29309",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29309"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-2420",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "30425",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30425"
            },
            {
              "name": "stunnel-ocsp-security-bypass(42528)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528"
            },
            {
              "name": "FEDORA-2008-4606",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html"
            },
            {
              "name": "ADV-2008-1569",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1569/references"
            },
            {
              "name": "30335",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30335"
            },
            {
              "name": "31438",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31438"
            },
            {
              "name": "FEDORA-2008-4531",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html"
            },
            {
              "name": "MDVSA-2008:168",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168"
            },
            {
              "name": "[stunnel-announce] 20080519 stunnel 4.24 released",
              "refsource": "MLIST",
              "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html"
            },
            {
              "name": "FEDORA-2008-4579",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html"
            },
            {
              "name": "GLSA-200808-08",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml"
            },
            {
              "name": "29309",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29309"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-2420",
    "datePublished": "2008-05-23T15:00:00",
    "dateReserved": "2008-05-23T00:00:00",
    "dateUpdated": "2024-08-07T08:58:02.605Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2008-2420

CVE-2008-2420 (GCVE-0-2008-2420)

Tags

Sightings

Nomenclature