HIGHπŸ‡΅πŸ‡± Wersja polska

CVE-2001-0060

CVSS 10.0v2.0pub. 2001-02-12upd. 2026-04-16

Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username.

CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Stunnel

    APP
    Stunnel
    3.33.4a3.73.8
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2021-20230HIGH7.5ten sam produkt

A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configur...

CVE-2011-2940HIGH9.3ten sam produkt

stunnel 4.40 and 4.41 might allow remote attackers to execute arbitrary code or cause a denial of service (hea...

CVE-2008-2400HIGH7.2ten sam produkt

Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to ...

CVE-2002-0002HIGH7.5ten sam produkt

Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp...

CVE-2015-3644MEDIUM5.8ten sam produkt

Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expecte...

CVE-2001-0060 β€” Stunnel β€” HIGH β€” CVSS 10.0 | CVEbaza.pl