ID CVE-2002-0002
Summary Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
References
Vulnerable Configurations
  • Stunnel 3.3
    cpe:2.3:a:stunnel:stunnel:3.3
  • Stunnel 3.4a
    cpe:2.3:a:stunnel:stunnel:3.4a
  • Stunnel 3.7
    cpe:2.3:a:stunnel:stunnel:3.7
  • Stunnel 3.8
    cpe:2.3:a:stunnel:stunnel:3.8
  • Stunnel 3.9
    cpe:2.3:a:stunnel:stunnel:3.9
  • Stunnel 3.10
    cpe:2.3:a:stunnel:stunnel:3.10
  • Stunnel 3.11
    cpe:2.3:a:stunnel:stunnel:3.11
  • Stunnel 3.12
    cpe:2.3:a:stunnel:stunnel:3.12
  • Stunnel 3.13
    cpe:2.3:a:stunnel:stunnel:3.13
  • Stunnel 3.14
    cpe:2.3:a:stunnel:stunnel:3.14
  • Stunnel 3.15
    cpe:2.3:a:stunnel:stunnel:3.15
  • Stunnel 3.16
    cpe:2.3:a:stunnel:stunnel:3.16
  • Stunnel 3.17
    cpe:2.3:a:stunnel:stunnel:3.17
  • Stunnel 3.18
    cpe:2.3:a:stunnel:stunnel:3.18
  • Stunnel 3.19
    cpe:2.3:a:stunnel:stunnel:3.19
  • Stunnel 3.20
    cpe:2.3:a:stunnel:stunnel:3.20
  • Stunnel 3.21
    cpe:2.3:a:stunnel:stunnel:3.21
  • Stunnel 3.21a
    cpe:2.3:a:stunnel:stunnel:3.21a
  • Stunnel 3.21b
    cpe:2.3:a:stunnel:stunnel:3.21b
  • Stunnel 3.21c
    cpe:2.3:a:stunnel:stunnel:3.21c
  • Stunnel 3.22
    cpe:2.3:a:stunnel:stunnel:3.22
  • Stunnel 3.24
    cpe:2.3:a:stunnel:stunnel:3.24
  • Engarde Secure Linux 1.0.1
    cpe:2.3:o:engardelinux:secure_linux:1.0.1
  • MandrakeSoft Mandrake Linux 8.1
    cpe:2.3:o:mandrakesoft:mandrake_linux:8.1
  • Red Hat Linux 7.2
    cpe:2.3:o:redhat:linux:7.2
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: PARTIAL
exploit-db via4
description STunnel 3.x Client Negotiation Protocol Format String Vulnerability. CVE-2002-0002. Remote exploit for linux platform
id EDB-ID:21192
last seen 2016-02-02
modified 2001-12-22
published 2001-12-22
reporter deltha
source https://www.exploit-db.com/download/21192/
title STunnel 3.x Client Negotiation Protocol Format String Vulnerability
nessus via4
NASL family Mandriva Local Security Checks
NASL id MANDRAKE_MDKSA-2002-004.NASL
description All versions of stunnel from 3.15 to 3.21c are vulnerable to format string bugs in the functions which implement smtp, pop, and nntp client negotiations. Using stunnel with the '-n service' option and the '-c' client mode option, a malicious server could use the format string vulnerability to run arbitrary code as the owner of the current stunnel process. Version 3.22 is not vulnerable to this bug.
last seen 2019-02-21
modified 2018-11-15
plugin id 13912
published 2004-07-31
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=13912
title Mandrake Linux Security Advisory : stunnel (MDKSA-2002:004)
redhat via4
advisories
rhsa
id RHSA-2002:002
refmap via4
bid 3748
bugtraq
  • 20011227 Stunnel: Format String Bug in versions <3.22
  • 20020102 Stunnel: Format String Bug update
confirm http://stunnel.mirt.net/news.html
mandrake MDKSA-2002:004
misc http://marc.info/?l=stunnel-users&m=100869449828705&w=2
xf stunnel-client-format-string(7741)
Last major update 17-10-2016 - 22:15
Published 31-01-2002 - 00:00
Last modified 09-10-2017 - 21:30