- Home
- CVEs with nessus.description==All versions of stunnel from 3.15 to 3.21c are vulnerable to format string bugs in the functions which implement smtp, pop, and nntp client negotiations. Using stunnel with the '-n service' option and the '-c' client mode option, a malicious server could use the format sting vulnerability to run arbitrary code as the owner of the current stunnel process. Version 3.22 is not vulnerable to this bug
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top