exploitDog

CVE-2001-0060

Опубликовано: 12 фев. 2001

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2000-12/0337.html
Patch
Vendor Advisory
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000363
http://www.debian.org/security/2001/dsa-009
http://www.redhat.com/support/errata/RHSA-2000-129.html
http://www.securityfocus.com/archive/1/151719
Patch
Vendor Advisory
http://www.securityfocus.com/bid/2128
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5807
http://archives.neohapsis.com/archives/bugtraq/2000-12/0337.html
Patch
Vendor Advisory
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000363
http://www.debian.org/security/2001/dsa-009
http://www.redhat.com/support/errata/RHSA-2000-129.html
http://www.securityfocus.com/archive/1/151719
Patch
Vendor Advisory
http://www.securityfocus.com/bid/2128
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5807

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:stunnel:stunnel:3.3:*:*:*:*:*:*:*

cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*

cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*

cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01065

Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2001-0060

redhat

больше 24 лет назад

Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username.

GHSA-cpcw-2gx9-xcwx

github

около 3 лет назад

Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username.

EPSS

Процентиль: 77%

0.01065

Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other