Hi, I attached an exploit for: http://online.securityfocus.com/bid/3748/info/ bugtraq id 3748 object class Input Validation Error cve CVE-2002-0002 remote Yes local No published Dec 22, 2001 updated Jan 17, 2002 vulnerable Stunnel Stunnel 3.20 + MandrakeSoft Linux Mandrake 8.1 + MandrakeSoft Linux Mandrake 8.1 ia64 Stunnel Stunnel 3.15 Stunnel Stunnel 3.16 Stunnel Stunnel 3.17 Stunnel Stunnel 3.18 Stunnel Stunnel 3.19 + RedHat Linux 7.2 i386 + RedHat Linux 7.2 ia64 Stunnel Stunnel 3.21 c Stunnel Stunnel 3.21 b Stunnel Stunnel 3.21 a Stunnel Stunnel 3.21 not vulnerable Stunnel Stunnel 3.22 Credit: This vulnerability was originally discovered by Matthias Lange <mlat_private>, and announced via Bugtraq by Brian Hatch <bugtraqat_private> on December 27, 2001. References: Advisory: MDKSA-2002:004: stunnel (Mandrake) Advisory: RHSA-2002:002-10: Updated stunnel packages available. (RedHat) Message: Stunnel: Format String Bug in versions <3.22 Message: Stunnel: Format String Bug update
This archive was generated by hypermail 2b30 : Thu Jan 16 2003 - 11:31:26 PST