oval:org.mitre.oval:def:20019
| Definition Id: oval:org.mitre.oval:def:20019 | |||
| Oval ID: | oval:org.mitre.oval:def:20019 | ||
| Title: | DSA-2664-1 stunnel4 - buffer overflow | ||
| Description: | Stunnel, a program designed to work as an universal SSL tunnel for network daemons, is prone to a buffer overflow vulnerability when using the Microsoft NT LAN Manager (NTLM) authentication (<q>protocolAuthentication = NTLM</q>) together with the <q>connect</q> protocol method (<q>protocol = connect</q>). With these prerequisites and using stunnel4 in SSL client mode (<q>client = yes</q>) on a 64 bit host, an attacker could possibly execute arbitrary code with the privileges of the stunnel process, if the attacker can either control the specified proxy server or perform man-in-the-middle attacks on the tcp session between stunnel and the proxy sever. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2664-1 CVE-2013-1762 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | stunnel4 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12959 | |||
| Oval ID: | oval:org.mitre.oval:def:12959 | ||
| Title: | Debian 6.0 is installed | ||
| Description: | Debian 6.0 (squeeze) is installed | ||
| Family: | unix | Class: | inventory |
| Reference(s): | cpe:/o:debian:debian:6.0 | Version: | 6 |
| Platform(s): | Debian 6.0 | Product(s): | |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:20019 | |||
| Definition Id: oval:org.mitre.oval:def:24894 | |||
| Oval ID: | oval:org.mitre.oval:def:24894 | ||
| Title: | Debian GNU/Linux is installed | ||
| Description: | Debian GNU/Linux is installed | ||
| Family: | unix | Class: | inventory |
| Reference(s): | cpe:/o:debian:debian_gnu/linux | Version: | 3 |
| Platform(s): | Debian GNU/Linux | Product(s): | |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:20019 | |||
| Definition Id: oval:org.mitre.oval:def:24698 | |||
| Oval ID: | oval:org.mitre.oval:def:24698 | ||
| Title: | Debian GNU/kFreeBSD is installed | ||
| Description: | Debian GNU/kFreeBSD is installed | ||
| Family: | unix | Class: | inventory |
| Reference(s): | cpe:/o:debian:debian_gnu/kfreebsd | Version: | 3 |
| Platform(s): | Debian GNU/kFreeBSD | Product(s): | |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:20019 | |||
