First published: Fri May 23 2008(Updated: )
The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Stunnel Stunnel | =4.21 | |
Stunnel Stunnel | =4.13 | |
Stunnel Stunnel | =4.02 | |
Stunnel Stunnel | =4.20 | |
Stunnel Stunnel | =4.00 | |
Stunnel Stunnel | =3.21c | |
Stunnel Stunnel | =3.7 | |
Stunnel Stunnel | =4.07 | |
Stunnel Stunnel | =4.09 | |
Stunnel Stunnel | =3.8p1 | |
Stunnel Stunnel | =3.6 | |
Stunnel Stunnel | =4.18 | |
Stunnel Stunnel | =4.15 | |
Stunnel Stunnel | =3.21b | |
Stunnel Stunnel | =3.14 | |
Stunnel Stunnel | =3.4a | |
Stunnel Stunnel | =3.22 | |
Stunnel Stunnel | =3.18 | |
Stunnel Stunnel | =3.20 | |
Stunnel Stunnel | =4.12 | |
Stunnel Stunnel | =4.04 | |
Stunnel Stunnel | =3.15 | |
Stunnel Stunnel | =4.05 | |
Stunnel Stunnel | =3.24 | |
Stunnel Stunnel | =3.11 | |
Stunnel Stunnel | =3.8 | |
Stunnel Stunnel | =4.22 | |
Stunnel Stunnel | =3.21 | |
Stunnel Stunnel | =3.8p4 | |
Stunnel Stunnel | =4.14 | |
Stunnel Stunnel | =3.13 | |
Stunnel Stunnel | =4.16 | |
Stunnel Stunnel | =3.23 | |
Stunnel Stunnel | =3.17 | |
Stunnel Stunnel | =3.5 | |
Stunnel Stunnel | =4.19 | |
Stunnel Stunnel | =4.10 | |
Stunnel Stunnel | =3.8p3 | |
Stunnel Stunnel | =3.8p2 | |
Stunnel Stunnel | =4.17 | |
Stunnel Stunnel | =3.10 | |
Stunnel Stunnel | =3.16 | |
Stunnel Stunnel | =3.9 | |
Stunnel Stunnel | =3.12 | |
Stunnel Stunnel | =3.21a | |
Stunnel Stunnel | =4.23 | |
Stunnel Stunnel | =4.08 | |
Stunnel Stunnel | =3.26 | |
Stunnel Stunnel | =4.06 | |
Stunnel Stunnel | =3.25 | |
Stunnel Stunnel | =4.11 | |
Stunnel Stunnel | =4.01 | |
Stunnel Stunnel | =4.03 | |
Stunnel Stunnel | =3.19 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.