The OCSP functionality in stunnel prior to 4.24 does not properly search certificate revocation lists (CRL), which allows remote malicious users to bypass intended access restrictions by using revoked certificates.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
stunnel stunnel 3.15 |
||
stunnel stunnel 3.16 |
||
stunnel stunnel 3.21c |
||
stunnel stunnel 3.22 |
||
stunnel stunnel 3.6 |
||
stunnel stunnel 3.7 |
||
stunnel stunnel 4.00 |
||
stunnel stunnel 4.01 |
||
stunnel stunnel 4.09 |
||
stunnel stunnel 4.10 |
||
stunnel stunnel 4.17 |
||
stunnel stunnel 4.18 |
||
stunnel stunnel 3.11 |
||
stunnel stunnel 3.12 |
||
stunnel stunnel 3.19 |
||
stunnel stunnel 3.20 |
||
stunnel stunnel 3.21 |
||
stunnel stunnel 3.25 |
||
stunnel stunnel 3.26 |
||
stunnel stunnel 3.8p2 |
||
stunnel stunnel 3.8p3 |
||
stunnel stunnel 4.05 |
||
stunnel stunnel 4.06 |
||
stunnel stunnel 4.13 |
||
stunnel stunnel 4.14 |
||
stunnel stunnel 4.21 |
||
stunnel stunnel 4.22 |
||
stunnel stunnel 3.10 |
||
stunnel stunnel 3.17 |
||
stunnel stunnel 3.18 |
||
stunnel stunnel 3.23 |
||
stunnel stunnel 3.24 |
||
stunnel stunnel 3.8 |
||
stunnel stunnel 3.8p1 |
||
stunnel stunnel 4.02 |
||
stunnel stunnel 4.03 |
||
stunnel stunnel 4.04 |
||
stunnel stunnel 4.11 |
||
stunnel stunnel 4.12 |
||
stunnel stunnel 4.19 |
||
stunnel stunnel 4.20 |
||
stunnel stunnel 3.13 |
||
stunnel stunnel 3.14 |
||
stunnel stunnel 3.21a |
||
stunnel stunnel 3.21b |
||
stunnel stunnel 3.4a |
||
stunnel stunnel 3.5 |
||
stunnel stunnel 3.8p4 |
||
stunnel stunnel 3.9 |
||
stunnel stunnel 4.07 |
||
stunnel stunnel 4.08 |
||
stunnel stunnel 4.15 |
||
stunnel stunnel 4.16 |
||
stunnel stunnel 4.23 |