fkie_cve-2014-0016
Vulnerability from fkie_nvd
Published
2014-03-24 16:31
Modified
2025-04-12 10:46
Severity ?
Summary
stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote attackers to obtain private keys for EC (ECDSA) or DSA certificates.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:stunnel:stunnel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE8D4F93-EED9-4EDB-808C-E7AE0E76BA89",
"versionEndIncluding": "4.56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E27CAA87-6971-4CFB-8299-931952B5157D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "579E37FC-51E6-4ECA-B05F-F4468772496B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B56E5F0-6FFC-4188-AF11-F7583253F56E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8797A96C-B660-45DC-B218-38B8DB85B451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B01D02DC-F570-47CE-AC1B-37DFEC9C1A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B283AD3E-A27E-4B76-BEA8-05334DBF0A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69F0D8C8-3BCE-4AF7-953B-CEA2633E4179",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "503A7976-C3A6-447A-9531-0DB699C4A625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BAFC4E2-FDB5-489C-B9C3-DF13A5186FA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D60C3DB-4185-484A-8275-D3541A40C046",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB236EF-0F97-4656-AB49-1D7829A63FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "3073CCF6-5312-4FB2-AA43-D3B285EE32C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "49E5FD63-32E3-4C40-A55C-B70546FDD866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b3:*:*:*:*:*:*",
"matchCriteriaId": "0B6444AC-588D-4154-B78E-3EB34129F1BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b4:*:*:*:*:*:*",
"matchCriteriaId": "EC36154E-6006-45BB-A7CB-5293195602CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b5:*:*:*:*:*:*",
"matchCriteriaId": "12C931B9-DDBE-4E94-8361-6A4D55886CF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b6:*:*:*:*:*:*",
"matchCriteriaId": "3EBE0C35-0FB9-44D6-8FA2-8712A2BF9A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b7:*:*:*:*:*:*",
"matchCriteriaId": "5FFA8AD2-CAE2-4818-9D0C-0C32E62F3A59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CA2A0A-B7DE-49DD-940D-C19801CF5D55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0D68D250-CA5B-4311-AF3C-48605948A067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4A0103-713D-4E56-B32F-EB1649F26EE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "7D009335-E83C-4B35-ADB0-CBD6B82C0EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7F4B0933-7D3A-43C9-9E42-FF5DAE94EDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F317B556-717B-46B9-A81E-63FC61723B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "400FE849-D547-44DE-B06F-5B68E5B20E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "E0845ED5-9C1A-4F1F-B6E5-AAF8B6893A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p2:*:*:*:*:*:*",
"matchCriteriaId": "1A23EB22-BD30-4FA3-9BAA-0B4B65C49F81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p3:*:*:*:*:*:*",
"matchCriteriaId": "6EB00100-8EF0-463E-9C17-05525B7B5852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p4:*:*:*:*:*:*",
"matchCriteriaId": "466B14A9-B16C-41F3-B2A0-C3194A6D1C1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.8p1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4AEA6DC-1A98-433F-B916-597395D5914A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.8p2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB24165B-92FD-48BA-94C3-87A922DDC6E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.8p3:*:*:*:*:*:*:*",
"matchCriteriaId": "B04F4BE4-34DE-4B8A-A1F1-32D12D33A5AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.8p4:*:*:*:*:*:*:*",
"matchCriteriaId": "A04CF19D-9C30-4433-A5E2-F3949479BE36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B256301B-9C6A-4BA6-8318-675C0EF4C316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EC33DAEE-8F51-404F-B5C4-B8A30B467E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1FCDC66D-3BF5-4763-8877-38B0D3326E62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "75772E28-BD93-4981-96FA-CDF41DAF65AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2415230E-4F66-4DDE-9E34-F685E8F4085A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "5121749D-3E19-4A9B-8C2D-84420A4E289B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "6E14DE44-69E6-4D0E-AD06-A829AFCDE528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "3D5B202D-D93D-4E33-BC9F-DA44B727C0B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC62D42-832D-4E6E-93D9-E7BA0CBC7799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "B5D49F98-9A24-464A-8695-58218C14B3DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "ADFFE78D-90EC-46C6-B215-2EADD9E0D146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "6132108C-C344-4ABC-AF40-1925830A6723",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*",
"matchCriteriaId": "8362D330-E286-4534-8560-B4B38E21767F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*",
"matchCriteriaId": "D0496D60-BE45-45FF-B360-60E59443DB96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2EA0D4-05B6-4500-9374-74BBDAB6001F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F16BDA03-BFAB-4839-A83A-370865928225",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.23:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC6F568-DB15-40BD-906B-A4ED4804C40A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5A2E06-A98E-409C-9A90-460AF4CCF101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.25:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF66986-248A-4EE8-B60F-182C774A4066",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.26:*:*:*:*:*:*:*",
"matchCriteriaId": "BB8991F3-A5F5-41EE-8809-31E09BAC4DCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.00:*:*:*:*:*:*:*",
"matchCriteriaId": "CD371A76-9729-487E-AA15-775FFEBE3473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC396CE-FDA7-480C-9E94-1A26B7FB208E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B30722-13DD-41C5-9CFA-0719B351CF46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*",
"matchCriteriaId": "722BA04D-BA9B-427C-B129-06EFEC3F2859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*",
"matchCriteriaId": "2891FF7D-E62E-47F4-8873-1E4066247348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "6A129110-60C1-46FC-9817-6E3802ADB389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "AF52167B-1109-4E02-A02F-17465F4C47FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "61536049-1C52-42E2-96DC-E5FF88BCC850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "AE0EE4B5-C9D3-4DF1-B7B7-377B281FA313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:*",
"matchCriteriaId": "2811F3BC-03F8-4781-8D01-BAAE1BDE8895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:*",
"matchCriteriaId": "82C4D865-9641-4E28-935C-BDCBDB9C2CEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2BF1DADF-BD26-41CF-BFA3-3C2928CDF9F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "75CF8185-A8FC-4EEE-B937-34924834AB43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A1561B7D-78BC-4910-85F4-113E84B97B3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "63DDF225-57D2-40E5-9BCA-672FBB3E2A6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "04043E99-5F67-4FE9-89FC-695B981FBD5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "FD11753B-1993-4DE5-B172-AF4839B5620E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "711059F5-ACB3-4D2A-931F-BA1C4422FC8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "5DDB6C42-0837-462B-BE2B-11A81B43C590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5EEAAF27-156A-40FF-ADBF-79D851E744AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "EB202677-DDC6-42D1-9A90-CD4A79198553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C3EF02-B456-4506-94E8-5C41CB4FF69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "B07502AA-E3E7-4143-B194-7C366CEA4A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "97C554E8-62F4-4C73-821D-AB93D8EE841C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "061A0C84-B26C-4ED6-9771-8B7D29DB7053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "E2ECB4F8-B623-4917-8420-E1DE6D9E514D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "A415AEFB-16B5-47EA-BFFC-D8494AEAA4D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "9928C1C1-B335-4076-80A7-D929A873D01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "CE6DEA2E-6475-4344-A8F0-34E5061B1C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A67FCF70-990C-45DE-9690-A3D3505C8E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.29:*:*:*:*:*:*:*",
"matchCriteriaId": "91E0D2BB-59DC-40FA-83CD-1A49B79E1F6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.30:*:*:*:*:*:*:*",
"matchCriteriaId": "B04C76FA-732D-49D9-8CB6-D0C955E9127D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF686D0-3132-4371-9EF5-0E6F299BC98F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.32:*:*:*:*:*:*:*",
"matchCriteriaId": "13C7E3B7-437A-4096-A5A1-B40271E6A6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.33:*:*:*:*:*:*:*",
"matchCriteriaId": "3E0EE85B-15FA-433F-92EB-8CDB07ED2790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.34:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A3287D-3B8E-42C3-869D-E73A11289762",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.35:*:*:*:*:*:*:*",
"matchCriteriaId": "349AD1F9-315C-4D36-9809-E58F5044D02D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.36:*:*:*:*:*:*:*",
"matchCriteriaId": "69864FF1-8B29-446C-8B5A-160138039C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.37:*:*:*:*:*:*:*",
"matchCriteriaId": "67B11EF6-C895-410B-AFA2-8E7B349F9571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.38:*:*:*:*:*:*:*",
"matchCriteriaId": "23893E68-A34A-4CBD-B0A5-A41BF346D4BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.39:*:*:*:*:*:*:*",
"matchCriteriaId": "F691D200-26B8-41AC-8123-78A853DFEAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.40:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E83FE3-B2C1-4DDB-8BD4-48A1DCD25496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.41:*:*:*:*:*:*:*",
"matchCriteriaId": "7F82A3BF-F540-4C6B-846F-4E614849EDC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.42:*:*:*:*:*:*:*",
"matchCriteriaId": "3C88D6AE-BE42-4E3A-9B95-A9E5A3C7ED11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.43:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E334EF-1A35-4028-8B60-CA6A6890E490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "73DF6D41-9CD0-4038-9571-C76B73B4E225",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.45:*:*:*:*:*:*:*",
"matchCriteriaId": "0C89A59C-F6F3-4F2F-AA8A-86E8B259245D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "67AF1A8D-9C55-4488-9E03-F0D824912BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.47:*:*:*:*:*:*:*",
"matchCriteriaId": "969EC7D0-FB81-42FB-8089-E5EC1D107F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.48:*:*:*:*:*:*:*",
"matchCriteriaId": "F66E4DD8-8D15-4DC1-BADD-B6BB6697313E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.49:*:*:*:*:*:*:*",
"matchCriteriaId": "4015B215-4FFA-423E-A7E2-7F43ADEBA326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.50:*:*:*:*:*:*:*",
"matchCriteriaId": "84826AED-EEA7-4527-9A8E-258641B5C637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "9189ECAB-E192-476B-87E1-339AF9BFA4F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.52:*:*:*:*:*:*:*",
"matchCriteriaId": "C3889099-4FEC-4133-9E7D-A8E529DE939A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0F208151-3577-479E-B554-C94708D3D727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.54:*:*:*:*:*:*:*",
"matchCriteriaId": "3F054876-9E47-4FA8-883A-FF9366891829",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.55:*:*:*:*:*:*:*",
"matchCriteriaId": "62EC8E1D-4D8C-4EE0-89EB-2A5CB53D65F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote attackers to obtain private keys for EC (ECDSA) or DSA certificates."
},
{
"lang": "es",
"value": "stunnel anterior a 5.00, cuando utilizando hilo de bifurcaci\u00f3n, no actualiza debidamente el estado del generador de n\u00fameros psuedoaleatorios OpenSSL (PRNG), lo que causa que hijos posteriores con el mismo proceso ID utilicen el mismo pool de entrop\u00eda y permite a atacantes remotos obtener claves privadas para certificados EC (ECDSA) o DSA."
}
],
"id": "CVE-2014-0016",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-03-24T16:31:08.447",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2014/03/05/1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65964"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/attachment.cgi?id=870826\u0026action=diff"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072180"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.stunnel.org/sdf_ChangeLog.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2014/03/05/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65964"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/attachment.cgi?id=870826\u0026action=diff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.stunnel.org/sdf_ChangeLog.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-332"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…