CVE-2015-3644

EPSS 0.25%

stunnel4 - security update

發布日:2015/5/14修改日:2026/5/26

描述

Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.

受影響套件(2)

Debian/stunnel4from 0, < 3:5.18-1
Debian/stunnel4from 0, < 3:5.06-2+deb8u1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-3644