Lucene search
HistoryOct 20, 2003 - 4:00 a.m.
CVE-2003-0740
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.1
Confidence
Low
EPSS
0
Percentile
0.4%
Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.
Affected configurations
Node
stunnelstunnelMatch3.3
ORstunnelstunnelMatch3.4a
ORstunnelstunnelMatch3.7
ORstunnelstunnelMatch3.8
ORstunnelstunnelMatch3.9
ORstunnelstunnelMatch3.10
ORstunnelstunnelMatch3.11
ORstunnelstunnelMatch3.12
ORstunnelstunnelMatch3.13
ORstunnelstunnelMatch3.14
ORstunnelstunnelMatch3.15
ORstunnelstunnelMatch3.16
ORstunnelstunnelMatch3.17
ORstunnelstunnelMatch3.18
ORstunnelstunnelMatch3.19
ORstunnelstunnelMatch3.20
ORstunnelstunnelMatch3.21
ORstunnelstunnelMatch3.21a
ORstunnelstunnelMatch3.21b
ORstunnelstunnelMatch3.21c
ORstunnelstunnelMatch3.22
ORstunnelstunnelMatch3.24
ORstunnelstunnelMatch4.0
Related
debiancve
debiancve
CVE-2003-0740
2003-10-20 04:00:00
cvelist
cvelist
CVE-2003-0740
2003-09-04 04:00:00
cve
cve
CVE-2003-0740
2003-10-20 04:00:00
nessus
nessus
RHEL 2.1 : stunnel (RHSA-2003:297)
2004-07-06 00:00:00
Mandrake Linux Security Advisory : stunnel (MDKSA-2003:108)
2004-07-31 00:00:00
redhat
redhat
(RHSA-2003:297) stunnel security update
2003-11-12 00:00:00
securityvulns
securityvulns
[RHSA-2003:296-01] Updated stunnel packages available
2003-11-25 00:00:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.1
Confidence
Low
EPSS
0
Percentile
0.4%
Related for NVD:CVE-2003-0740