Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2400

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-2400
Last Modified 07 Mar 2011 10:09:07
Published 22 May 2008 09:09:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-2400

Summary

Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.

Vulnerable Systems

Application

  • Stunnel 0.1

  • Stunnel 1.0

  • Stunnel 1.1

  • Stunnel 1.2

  • Stunnel 1.3

  • Stunnel 1.4

  • Stunnel 1.5

  • Stunnel 1.6

  • Stunnel 2.0

  • Stunnel 2.1

  • Stunnel 3.0

  • Stunnel 3.1

  • Stunnel 3.10

  • Stunnel 3.11

  • Stunnel 3.12

  • Stunnel 3.13

  • Stunnel 3.14

  • Stunnel 3.15

  • Stunnel 3.16

  • Stunnel 3.17

  • Stunnel 3.18

  • Stunnel 3.19

  • Stunnel 3.2

  • Stunnel 3.20

  • Stunnel 3.21

  • Stunnel 3.21a

  • Stunnel 3.21b

  • Stunnel 3.21c

  • Stunnel 3.22

  • Stunnel 3.24

  • Stunnel 3.3

  • Stunnel 3.4a

  • Stunnel 3.5

  • Stunnel 3.6

  • Stunnel 3.7

  • Stunnel 3.8

  • Stunnel 3.9

  • Stunnel 4.0

  • Stunnel 4.01

  • Stunnel 4.02

  • Stunnel 4.03

  • Stunnel 4.04

  • Stunnel 4.05

  • Stunnel 4.06

  • Stunnel 4.07

  • Stunnel 4.08

  • Stunnel 4.09

  • Stunnel 4.10

  • Stunnel 4.11

  • Stunnel 4.12

  • Stunnel 4.13

  • Stunnel 4.14

  • Stunnel 4.15

  • Stunnel 4.16

  • Stunnel 4.17

  • Stunnel 4.18

  • Stunnel 4.19

  • Stunnel 4.20

  • Stunnel 4.21

  • Stunnel 4.22


References

VUPEN - ADV-2008-1568

MLIST - [stunnel-announce] 20080503 stunnel 4.23 released

SECUNIA - 30297

XF - stunnel-windows-privilege-escalation(42526)

SECTRACK - 1020049

BID - 29285


Last Updated: 27 May 2016 10:47:51