CVE-2002-0002

Published: Jan 31, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.

Affected (25)

Products: Stunnel: Stunnel · Engardelinux: Secure Linux · Mandrakesoft: Mandrake Linux · +1 more

Show all products

Stunnel: Stunnel · Engardelinux: Secure Linux · Mandrakesoft: Mandrake Linux · Redhat: Linux

1 product

1 product

1 product

1 product

Configuration A

22 vulnerable

Vulnerable Software	Affected Versions
Stunnel Stunnel	Version 3.10
Stunnel Stunnel	Version 3.11
Stunnel Stunnel	Version 3.12
Stunnel Stunnel	Version 3.13
Stunnel Stunnel	Version 3.14
Stunnel Stunnel	Version 3.15
Stunnel Stunnel	Version 3.16
Stunnel Stunnel	Version 3.17
Stunnel Stunnel	Version 3.18
Stunnel Stunnel	Version 3.19
Stunnel Stunnel	Version 3.20
Stunnel Stunnel	Version 3.21
Stunnel Stunnel	Version 3.21a
Stunnel Stunnel	Version 3.21b
Stunnel Stunnel	Version 3.21c
Stunnel Stunnel	Version 3.22
Stunnel Stunnel	Version 3.24
Stunnel Stunnel	Version 3.3
Stunnel Stunnel	Version 3.4a
Stunnel Stunnel	Version 3.7
Stunnel Stunnel	Version 3.8
Stunnel Stunnel	Version 3.9

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Engardelinux Secure Linux	Version 1.0.1
Mandrakesoft Mandrake Linux	Version 8.1
Redhat Linux	Version 7.2

References (16)

http://marc.info/?l=stunnel-users&m=100869449828705&w=2

Source: cve@mitre.org

http://online.securityfocus.com/archive/1/247427

Source: cve@mitre.org

http://online.securityfocus.com/archive/1/248149

Source: cve@mitre.org

http://stunnel.mirt.net/news.html

Source: cve@mitre.org

Vendor Advisory

http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2002-002.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/3748

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/7741

Source: cve@mitre.org

http://marc.info/?l=stunnel-users&m=100869449828705&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://online.securityfocus.com/archive/1/247427

Source: af854a3a-2127-422b-91ae-364da2661108

http://online.securityfocus.com/archive/1/248149

Source: af854a3a-2127-422b-91ae-364da2661108

http://stunnel.mirt.net/news.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2002-002.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/3748

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/7741

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.