Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-3644 (GCVE-0-2015-3644)
Vulnerability from cvelistv5 – Published: 2015-05-14 00:00 – Updated: 2024-08-06 05:47
VLAI?
EPSS
Summary
Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:57.755Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3299",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3299"
},
{
"name": "74659",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74659"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.stunnel.org/CVE-2015-3644.html"
},
{
"name": "1032324",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032324"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-3299",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3299"
},
{
"name": "74659",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74659"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.stunnel.org/CVE-2015-3644.html"
},
{
"name": "1032324",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032324"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3644",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3299",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3299"
},
{
"name": "74659",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74659"
},
{
"name": "https://www.stunnel.org/CVE-2015-3644.html",
"refsource": "CONFIRM",
"url": "https://www.stunnel.org/CVE-2015-3644.html"
},
{
"name": "1032324",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032324"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3644",
"datePublished": "2015-05-14T00:00:00",
"dateReserved": "2015-05-04T00:00:00",
"dateUpdated": "2024-08-06T05:47:57.755Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2015-3644\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2015-05-14T00:59:06.147\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.\"},{\"lang\":\"es\",\"value\":\"Stunnel 5.00 hasta 5.13, cuando utiliza la opci\u00f3n de redirecci\u00f3n, no redirige las conexiones de clientes al servidor esperado despu\u00e9s de la conexi\u00f3n inicial, lo que permite a atacantes remotos evadir la autenticaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:5.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86A9A9F5-B193-44DC-88EF-D0409AB2CD42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:5.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AD482D3-F96B-41EB-BEF2-ED59A2B2E77B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:5.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79CCAF8F-FAB6-40B5-8752-0E5AA6CDC0CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:5.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59AE589F-7747-4F46-A58F-608AB7110B46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:5.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14F8AE5A-BCBB-4F41-862D-D930CAA67B61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:5.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E881D0A8-5BA1-41FC-9743-262CAB3BCD08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:5.06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5636BFAF-4A5C-4002-B6BB-75B6F6BD534D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:5.07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9B042A1-00CF-40CD-BAA2-1E2FFBE6FEE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:5.08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26F8ECBC-35ED-4736-9EA3-E439747E4249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:5.09:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A40647D-D3F4-4BB8-9A20-66366E330EF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:5.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D933945A-4FFE-4A90-B5A7-D375E36F5D90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:5.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B9E126F-CC19-4C4D-BB98-D4A21D7B84C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:5.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60862632-E37E-40D4-8153-FE82CFD0E011\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:5.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2774924-2867-42CF-AFFB-996809126E31\"}]}]}],\"references\":[{\"url\":\"http://www.debian.org/security/2015/dsa-3299\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/74659\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1032324\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.stunnel.org/CVE-2015-3644.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3299\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/74659\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1032324\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.stunnel.org/CVE-2015-3644.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
GSD-2015-3644
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-3644",
"description": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.",
"id": "GSD-2015-3644",
"references": [
"https://www.suse.com/security/cve/CVE-2015-3644.html",
"https://www.debian.org/security/2015/dsa-3299",
"https://advisories.mageia.org/CVE-2015-3644.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-3644"
],
"details": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.",
"id": "GSD-2015-3644",
"modified": "2023-12-13T01:20:07.616028Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3644",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3299",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3299"
},
{
"name": "74659",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74659"
},
{
"name": "https://www.stunnel.org/CVE-2015-3644.html",
"refsource": "CONFIRM",
"url": "https://www.stunnel.org/CVE-2015-3644.html"
},
{
"name": "1032324",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032324"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:5.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:5.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:5.05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:5.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:5.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:5.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:5.08:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:5.09:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:5.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:5.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:5.06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:5.07:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3644"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.stunnel.org/CVE-2015-3644.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.stunnel.org/CVE-2015-3644.html"
},
{
"name": "1032324",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1032324"
},
{
"name": "74659",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/74659"
},
{
"name": "DSA-3299",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2015/dsa-3299"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2016-12-28T02:59Z",
"publishedDate": "2015-05-14T00:59Z"
}
}
}
SUSE-SU-2015:1062-1
Vulnerability from csaf_suse - Published: 2015-05-27 12:15 - Updated: 2015-05-27 12:15Summary
Security update for stunnel
Notes
Title of the patch
Security update for stunnel
Description of the patch
This update fixes an authentication bypass when using
the 'redirect' option (CVE-2015-3644, bsc#931517, backport from v5.17).
Patchnames
SUSE-SLE-SERVER-12-2015-268
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for stunnel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update fixes an authentication bypass when using\nthe \u0027redirect\u0027 option (CVE-2015-3644, bsc#931517, backport from v5.17).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SERVER-12-2015-268",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1062-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:1062-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20151062-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:1062-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-June/001439.html"
},
{
"category": "self",
"summary": "SUSE Bug 931517",
"url": "https://bugzilla.suse.com/931517"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3644 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3644/"
}
],
"title": "Security update for stunnel",
"tracking": {
"current_release_date": "2015-05-27T12:15:01Z",
"generator": {
"date": "2015-05-27T12:15:01Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:1062-1",
"initial_release_date": "2015-05-27T12:15:01Z",
"revision_history": [
{
"date": "2015-05-27T12:15:01Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "stunnel-5.00-3.1.ppc64le",
"product": {
"name": "stunnel-5.00-3.1.ppc64le",
"product_id": "stunnel-5.00-3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-5.00-3.1.s390x",
"product": {
"name": "stunnel-5.00-3.1.s390x",
"product_id": "stunnel-5.00-3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-5.00-3.1.x86_64",
"product": {
"name": "stunnel-5.00-3.1.x86_64",
"product_id": "stunnel-5.00-3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12",
"product": {
"name": "SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-5.00-3.1.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:stunnel-5.00-3.1.ppc64le"
},
"product_reference": "stunnel-5.00-3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-5.00-3.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:stunnel-5.00-3.1.s390x"
},
"product_reference": "stunnel-5.00-3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-5.00-3.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:stunnel-5.00-3.1.x86_64"
},
"product_reference": "stunnel-5.00-3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-5.00-3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:stunnel-5.00-3.1.ppc64le"
},
"product_reference": "stunnel-5.00-3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-5.00-3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:stunnel-5.00-3.1.s390x"
},
"product_reference": "stunnel-5.00-3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-5.00-3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:stunnel-5.00-3.1.x86_64"
},
"product_reference": "stunnel-5.00-3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3644"
}
],
"notes": [
{
"category": "general",
"text": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12:stunnel-5.00-3.1.ppc64le",
"SUSE Linux Enterprise Server 12:stunnel-5.00-3.1.s390x",
"SUSE Linux Enterprise Server 12:stunnel-5.00-3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:stunnel-5.00-3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:stunnel-5.00-3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:stunnel-5.00-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3644",
"url": "https://www.suse.com/security/cve/CVE-2015-3644"
},
{
"category": "external",
"summary": "SUSE Bug 1177580 for CVE-2015-3644",
"url": "https://bugzilla.suse.com/1177580"
},
{
"category": "external",
"summary": "SUSE Bug 931517 for CVE-2015-3644",
"url": "https://bugzilla.suse.com/931517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12:stunnel-5.00-3.1.ppc64le",
"SUSE Linux Enterprise Server 12:stunnel-5.00-3.1.s390x",
"SUSE Linux Enterprise Server 12:stunnel-5.00-3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:stunnel-5.00-3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:stunnel-5.00-3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:stunnel-5.00-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-05-27T12:15:01Z",
"details": "moderate"
}
],
"title": "CVE-2015-3644"
}
]
}
FKIE_CVE-2015-3644
Vulnerability from fkie_nvd - Published: 2015-05-14 00:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| stunnel | stunnel | 5.00 | |
| stunnel | stunnel | 5.01 | |
| stunnel | stunnel | 5.02 | |
| stunnel | stunnel | 5.03 | |
| stunnel | stunnel | 5.04 | |
| stunnel | stunnel | 5.05 | |
| stunnel | stunnel | 5.06 | |
| stunnel | stunnel | 5.07 | |
| stunnel | stunnel | 5.08 | |
| stunnel | stunnel | 5.09 | |
| stunnel | stunnel | 5.10 | |
| stunnel | stunnel | 5.11 | |
| stunnel | stunnel | 5.12 | |
| stunnel | stunnel | 5.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:stunnel:stunnel:5.00:*:*:*:*:*:*:*",
"matchCriteriaId": "86A9A9F5-B193-44DC-88EF-D0409AB2CD42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4AD482D3-F96B-41EB-BEF2-ED59A2B2E77B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "79CCAF8F-FAB6-40B5-8752-0E5AA6CDC0CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "59AE589F-7747-4F46-A58F-608AB7110B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:5.04:*:*:*:*:*:*:*",
"matchCriteriaId": "14F8AE5A-BCBB-4F41-862D-D930CAA67B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "E881D0A8-5BA1-41FC-9743-262CAB3BCD08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:5.06:*:*:*:*:*:*:*",
"matchCriteriaId": "5636BFAF-4A5C-4002-B6BB-75B6F6BD534D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:5.07:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B042A1-00CF-40CD-BAA2-1E2FFBE6FEE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:5.08:*:*:*:*:*:*:*",
"matchCriteriaId": "26F8ECBC-35ED-4736-9EA3-E439747E4249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:5.09:*:*:*:*:*:*:*",
"matchCriteriaId": "5A40647D-D3F4-4BB8-9A20-66366E330EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D933945A-4FFE-4A90-B5A7-D375E36F5D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9B9E126F-CC19-4C4D-BB98-D4A21D7B84C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "60862632-E37E-40D4-8153-FE82CFD0E011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D2774924-2867-42CF-AFFB-996809126E31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication."
},
{
"lang": "es",
"value": "Stunnel 5.00 hasta 5.13, cuando utiliza la opci\u00f3n de redirecci\u00f3n, no redirige las conexiones de clientes al servidor esperado despu\u00e9s de la conexi\u00f3n inicial, lo que permite a atacantes remotos evadir la autenticaci\u00f3n."
}
],
"id": "CVE-2015-3644",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-05-14T00:59:06.147",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3299"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/74659"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032324"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.stunnel.org/CVE-2015-3644.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.stunnel.org/CVE-2015-3644.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTFR-2018-AVI-184
Vulnerability from certfr_avis - Published: 2018-04-16 - Updated: 2018-04-16
De multiples vulnérabilités ont été découvertes dans les produits Juniper . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Steel-Belted Radius (SBR) Carrier 8.2.0 antérieures à 8.2.0-R18 | ||
| Juniper Networks | N/A | CTPOS versions antérieures à 7.3R4 ou 7.4R1 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D60 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D100 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D66, 12.3X48-D70 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D59 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R5 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D58 on EX2300/EX3400 | ||
| Juniper Networks | N/A | CentOS versions 6.5 antérieures à 2012.2R12 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.2 antérieures à 14.2R8 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D50 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D233 on QFX5200/QFX5110 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1X70 antérieures à 16.1X70-D10 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D90 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 antérieures à 16.2R1-S6, 16.2R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 antérieures à 17.1R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S6, 16.1R5 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D60 | ||
| Juniper Networks | N/A | Steel-Belted Radius (SBR) Carrier versions 8.3.0.x antérieures à 8.3.0-R11 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 antérieures à 17.1R2-S6, 17.1R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 antérieures à 17.1R2-S3, 17.1R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D65 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D130 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7 | ||
| Juniper Networks | N/A | NSM versions antérieures à 2012.2R14 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75 antérieures à 17.2X75-D70 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D35 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D66, 15.1X53-D233, 15.1X53-D471 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 antérieures à 16.2R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1X65 antérieures à 16.1X65-D47 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1R4-S9, 15.1R6-S6, 15.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1 antérieures à 14.1R10, 14.1R9 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 antérieures à 14.1X53-D47 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 antérieures à 16.2R1-S6, 16.2R2-S5, 16.2R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3 antérieures à 12.3R12-S7, 12.3R13 | ||
| Juniper Networks | N/A | CTPView versions antérieures à 7.3R4 ou 7.4R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D471 on NFX | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R5-S3, 16.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 antérieures à 12.1X46-D76 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D66 sur QFX10K | ||
| N/A | N/A | Junos Snapshot Administrator (JSNAPy) versions antérieures à 1.3.0 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 antérieures à 17.2R1-S5, 17.2R2 | ||
| Juniper Networks | N/A | NorthStar Controller versions 3.2.x antérieures à 3.2.1 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F2-S20, 15.1F6-S10, 15.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 antérieures à 12.1X46-D60 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D131, 15.1X49-D140 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5 | ||
| Juniper Networks | N/A | NorthStar Controller versions 3.0.x antérieures à 3.0.1 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D55 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 antérieures à 17.1R1-S7, 17.1R2-S6, 17.1R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D130 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D66 sur QFX10 | ||
| Juniper Networks | N/A | Steel-Belted Radius (SBR) Carrier versions 8.4.1.x antérieures à 8.4.1-R5 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 antérieures à 14.1X53-D130 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S8, 16.1R5 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 antérieures à 17.2R1-S3, 17.2R2-S1, 17.2R3 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Steel-Belted Radius (SBR) Carrier 8.2.0 ant\u00e9rieures \u00e0 8.2.0-R18",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "CTPOS versions ant\u00e9rieures \u00e0 7.3R4 ou 7.4R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D60 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D100",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D66, 12.3X48-D70",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D59",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D58 on EX2300/EX3400",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "CentOS versions 6.5 ant\u00e9rieures \u00e0 2012.2R12",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D50",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D233 on QFX5200/QFX5110",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1X70 ant\u00e9rieures \u00e0 16.1X70-D10",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D90",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R1-S6, 16.2R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S6, 16.1R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D60",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Steel-Belted Radius (SBR) Carrier versions 8.3.0.x ant\u00e9rieures \u00e0 8.3.0-R11",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S6, 17.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S3, 17.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D65",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D130 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "NSM versions ant\u00e9rieures \u00e0 2012.2R14",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75 ant\u00e9rieures \u00e0 17.2X75-D70",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D35 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66, 15.1X53-D233, 15.1X53-D471",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1X65 ant\u00e9rieures \u00e0 16.1X65-D47",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1R4-S9, 15.1R6-S6, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1 ant\u00e9rieures \u00e0 14.1R10, 14.1R9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D47",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R1-S6, 16.2R2-S5, 16.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3 ant\u00e9rieures \u00e0 12.3R12-S7, 12.3R13",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "CTPView versions ant\u00e9rieures \u00e0 7.3R4 ou 7.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D471 on NFX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5-S3, 16.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D76",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66 sur QFX10K",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Snapshot Administrator (JSNAPy) versions ant\u00e9rieures \u00e0 1.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 ant\u00e9rieures \u00e0 17.2R1-S5, 17.2R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "NorthStar Controller versions 3.2.x ant\u00e9rieures \u00e0 3.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S20, 15.1F6-S10, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D60 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D131, 15.1X49-D140",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "NorthStar Controller versions 3.0.x ant\u00e9rieures \u00e0 3.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D55",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R1-S7, 17.1R2-S6, 17.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D130",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66 sur QFX10",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Steel-Belted Radius (SBR) Carrier versions 8.4.1.x ant\u00e9rieures \u00e0 8.4.1-R5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D130",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S8, 16.1R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 ant\u00e9rieures \u00e0 17.2R1-S3, 17.2R2-S1, 17.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-8767",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8767"
},
{
"name": "CVE-2018-0020",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0020"
},
{
"name": "CVE-2016-5829",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5829"
},
{
"name": "CVE-2016-0701",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0701"
},
{
"name": "CVE-2015-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8324"
},
{
"name": "CVE-2018-0017",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0017"
},
{
"name": "CVE-2013-4312",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4312"
},
{
"name": "CVE-2018-0021",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0021"
},
{
"name": "CVE-2015-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5156"
},
{
"name": "CVE-2013-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1762"
},
{
"name": "CVE-2016-4470",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4470"
},
{
"name": "CVE-2017-1000385",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000385"
},
{
"name": "CVE-2017-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
},
{
"name": "CVE-2018-0016",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0016"
},
{
"name": "CVE-2016-1583",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1583"
},
{
"name": "CVE-2014-7842",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7842"
},
{
"name": "CVE-2015-3644",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3644"
},
{
"name": "CVE-2016-2550",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2550"
},
{
"name": "CVE-2016-5696",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5696"
},
{
"name": "CVE-2015-2925",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2925"
},
{
"name": "CVE-2018-0019",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0019"
},
{
"name": "CVE-2016-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4565"
},
{
"name": "CVE-2018-0022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0022"
},
{
"name": "CVE-2014-0016",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0016"
},
{
"name": "CVE-2016-0774",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0774"
},
{
"name": "CVE-2015-7550",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7550"
},
{
"name": "CVE-2014-8134",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8134"
},
{
"name": "CVE-2015-8104",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8104"
},
{
"name": "CVE-2017-3732",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3732"
},
{
"name": "CVE-2017-3736",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3736"
},
{
"name": "CVE-2015-2080",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2080"
},
{
"name": "CVE-2017-3735",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3735"
},
{
"name": "CVE-2015-8543",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8543"
},
{
"name": "CVE-2015-3193",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3193"
},
{
"name": "CVE-2017-3738",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3738"
},
{
"name": "CVE-2015-7613",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7613"
},
{
"name": "CVE-2015-5157",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5157"
},
{
"name": "CVE-2008-2420",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2420"
},
{
"name": "CVE-2008-2400",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2400"
},
{
"name": "CVE-2018-0018",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0018"
},
{
"name": "CVE-2015-1805",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1805"
},
{
"name": "CVE-2018-0023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0023"
},
{
"name": "CVE-2010-5313",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-5313"
},
{
"name": "CVE-2015-7872",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7872"
},
{
"name": "CVE-2015-5307",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5307"
},
{
"name": "CVE-2016-2143",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2143"
}
],
"initial_release_date": "2018-04-16T00:00:00",
"last_revision_date": "2018-04-16T00:00:00",
"links": [],
"reference": "CERTFR-2018-AVI-184",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-04-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10852 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10852\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10847 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10847\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10845 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10845\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10850 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10850\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10855 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10855\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10844 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10844\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10846 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10846\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10851 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10851\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10856 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10856\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10849 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10849\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10853 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10853\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10854 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10854\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10848 du 11 avril 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10848\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
GHSA-3W38-W685-6793
Vulnerability from github – Published: 2022-05-17 03:14 – Updated: 2022-05-17 03:14
VLAI?
Details
Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.
{
"affected": [],
"aliases": [
"CVE-2015-3644"
],
"database_specific": {
"cwe_ids": [
"CWE-284"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2015-05-14T00:59:00Z",
"severity": "MODERATE"
},
"details": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.",
"id": "GHSA-3w38-w685-6793",
"modified": "2022-05-17T03:14:28Z",
"published": "2022-05-17T03:14:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3644"
},
{
"type": "WEB",
"url": "https://www.stunnel.org/CVE-2015-3644.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3299"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/74659"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1032324"
}
],
"schema_version": "1.4.0",
"severity": []
}
OPENSUSE-SU-2024:12196-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
stunnel-5.65-1.1 on GA media
Notes
Title of the patch
stunnel-5.65-1.1 on GA media
Description of the patch
These are all security issues fixed in the stunnel-5.65-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-12196
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "stunnel-5.65-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the stunnel-5.65-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12196",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12196-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3644 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3644/"
}
],
"title": "stunnel-5.65-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12196-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "stunnel-5.65-1.1.aarch64",
"product": {
"name": "stunnel-5.65-1.1.aarch64",
"product_id": "stunnel-5.65-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "stunnel-doc-5.65-1.1.aarch64",
"product": {
"name": "stunnel-doc-5.65-1.1.aarch64",
"product_id": "stunnel-doc-5.65-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-5.65-1.1.ppc64le",
"product": {
"name": "stunnel-5.65-1.1.ppc64le",
"product_id": "stunnel-5.65-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "stunnel-doc-5.65-1.1.ppc64le",
"product": {
"name": "stunnel-doc-5.65-1.1.ppc64le",
"product_id": "stunnel-doc-5.65-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-5.65-1.1.s390x",
"product": {
"name": "stunnel-5.65-1.1.s390x",
"product_id": "stunnel-5.65-1.1.s390x"
}
},
{
"category": "product_version",
"name": "stunnel-doc-5.65-1.1.s390x",
"product": {
"name": "stunnel-doc-5.65-1.1.s390x",
"product_id": "stunnel-doc-5.65-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "stunnel-5.65-1.1.x86_64",
"product": {
"name": "stunnel-5.65-1.1.x86_64",
"product_id": "stunnel-5.65-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "stunnel-doc-5.65-1.1.x86_64",
"product": {
"name": "stunnel-doc-5.65-1.1.x86_64",
"product_id": "stunnel-doc-5.65-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-5.65-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-5.65-1.1.aarch64"
},
"product_reference": "stunnel-5.65-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-5.65-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-5.65-1.1.ppc64le"
},
"product_reference": "stunnel-5.65-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-5.65-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-5.65-1.1.s390x"
},
"product_reference": "stunnel-5.65-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-5.65-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-5.65-1.1.x86_64"
},
"product_reference": "stunnel-5.65-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-doc-5.65-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-doc-5.65-1.1.aarch64"
},
"product_reference": "stunnel-doc-5.65-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-doc-5.65-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-doc-5.65-1.1.ppc64le"
},
"product_reference": "stunnel-doc-5.65-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-doc-5.65-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-doc-5.65-1.1.s390x"
},
"product_reference": "stunnel-doc-5.65-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stunnel-doc-5.65-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:stunnel-doc-5.65-1.1.x86_64"
},
"product_reference": "stunnel-doc-5.65-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3644"
}
],
"notes": [
{
"category": "general",
"text": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:stunnel-5.65-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-5.65-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-5.65-1.1.s390x",
"openSUSE Tumbleweed:stunnel-5.65-1.1.x86_64",
"openSUSE Tumbleweed:stunnel-doc-5.65-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-doc-5.65-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-doc-5.65-1.1.s390x",
"openSUSE Tumbleweed:stunnel-doc-5.65-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3644",
"url": "https://www.suse.com/security/cve/CVE-2015-3644"
},
{
"category": "external",
"summary": "SUSE Bug 1177580 for CVE-2015-3644",
"url": "https://bugzilla.suse.com/1177580"
},
{
"category": "external",
"summary": "SUSE Bug 931517 for CVE-2015-3644",
"url": "https://bugzilla.suse.com/931517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:stunnel-5.65-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-5.65-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-5.65-1.1.s390x",
"openSUSE Tumbleweed:stunnel-5.65-1.1.x86_64",
"openSUSE Tumbleweed:stunnel-doc-5.65-1.1.aarch64",
"openSUSE Tumbleweed:stunnel-doc-5.65-1.1.ppc64le",
"openSUSE Tumbleweed:stunnel-doc-5.65-1.1.s390x",
"openSUSE Tumbleweed:stunnel-doc-5.65-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-3644"
}
]
}
CNVD-2015-03168
Vulnerability from cnvd - Published: 2015-05-19
VLAI Severity ?
Title
Stunnel验证绕过漏洞
Description
Stunnel是一个自由的跨平台软件,用于提供全局的TLS/SSL服务。
Stunnel使用重定向选项时,在初始化连接后没有重定向客户端连接到预期的服务器,允许远程攻击者利用漏洞绕过验证。
Severity
中
Patch Name
Stunnel验证绕过漏洞的补丁
Patch Description
Stunnel是一个自由的跨平台软件,用于提供全局的TLS/SSL服务。Stunnel使用重定向选项时,在初始化连接后没有重定向客户端连接到预期的服务器,允许远程攻击者利用漏洞绕过验证。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞: https://www.stunnel.org/CVE-2015-3644.html
Reference
https://www.stunnel.org/CVE-2015-3644.html
Impacted products
| Name | Stunnel Stunnel 5.00-5.13 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2015-3644"
}
},
"description": "Stunnel\u662f\u4e00\u4e2a\u81ea\u7531\u7684\u8de8\u5e73\u53f0\u8f6f\u4ef6\uff0c\u7528\u4e8e\u63d0\u4f9b\u5168\u5c40\u7684TLS/SSL\u670d\u52a1\u3002\r\n\r\nStunnel\u4f7f\u7528\u91cd\u5b9a\u5411\u9009\u9879\u65f6\uff0c\u5728\u521d\u59cb\u5316\u8fde\u63a5\u540e\u6ca1\u6709\u91cd\u5b9a\u5411\u5ba2\u6237\u7aef\u8fde\u63a5\u5230\u9884\u671f\u7684\u670d\u52a1\u5668\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u7ed5\u8fc7\u9a8c\u8bc1\u3002",
"discovererName": "Micha\u0142 Trojnara",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://www.stunnel.org/CVE-2015-3644.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2015-03168",
"openTime": "2015-05-19",
"patchDescription": "Stunnel\u662f\u4e00\u4e2a\u81ea\u7531\u7684\u8de8\u5e73\u53f0\u8f6f\u4ef6\uff0c\u7528\u4e8e\u63d0\u4f9b\u5168\u5c40\u7684TLS/SSL\u670d\u52a1\u3002Stunnel\u4f7f\u7528\u91cd\u5b9a\u5411\u9009\u9879\u65f6\uff0c\u5728\u521d\u59cb\u5316\u8fde\u63a5\u540e\u6ca1\u6709\u91cd\u5b9a\u5411\u5ba2\u6237\u7aef\u8fde\u63a5\u5230\u9884\u671f\u7684\u670d\u52a1\u5668\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u7ed5\u8fc7\u9a8c\u8bc1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Stunnel\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Stunnel Stunnel 5.00-5.13"
},
"referenceLink": "https://www.stunnel.org/CVE-2015-3644.html",
"serverity": "\u4e2d",
"submitTime": "2015-05-15",
"title": "Stunnel\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…