Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2940

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-2940
Last Modified 25 Aug 2011 12:00:00
Published 25 Aug 2011 10:22:47
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2940

Summary

stunnel 4.40 and 4.41 might allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

Vulnerable Systems

Application

  • Stunnel 4.40

  • Stunnel 4.41


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=732068

XF - stunnel-unspecifed-code-execution(69318)

MLIST - [stunnel-announce] 20110818 stunnel 4.42 released

BID - 49254

OSVDB - 74600

MLIST - [oss-security] 20110819 CVE request: stunnel 4.4x heap overflow flaw

MLIST - [oss-security] 20110819 Re: CVE request: stunnel 4.4x heap overflow flaw

CONFIRM - http://stunnel.org/?page=sdf_ChangeLog

SECTRACK - 1025959

SECUNIA - 45705


Last Updated: 27 May 2016 10:57:13