Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2013-1762
Deferred
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-08 Mar, 2013 | 18:55
Updated At-11 Apr, 2025 | 00:51

stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.6MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:C
CPE Matches
stunnel
stunnel
>>stunnel>>Versions up to 4.54(inclusive)
cpe:2.3:a:stunnel:stunnel:*:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.21
cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.22
cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.23
cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.24
cpe:2.3:a:stunnel:stunnel:4.24:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.25
cpe:2.3:a:stunnel:stunnel:4.25:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.26
cpe:2.3:a:stunnel:stunnel:4.26:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.27
cpe:2.3:a:stunnel:stunnel:4.27:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.28
cpe:2.3:a:stunnel:stunnel:4.28:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.29
cpe:2.3:a:stunnel:stunnel:4.29:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.30
cpe:2.3:a:stunnel:stunnel:4.30:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.31
cpe:2.3:a:stunnel:stunnel:4.31:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.32
cpe:2.3:a:stunnel:stunnel:4.32:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.33
cpe:2.3:a:stunnel:stunnel:4.33:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.34
cpe:2.3:a:stunnel:stunnel:4.34:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.35
cpe:2.3:a:stunnel:stunnel:4.35:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.36
cpe:2.3:a:stunnel:stunnel:4.36:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.37
cpe:2.3:a:stunnel:stunnel:4.37:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.38
cpe:2.3:a:stunnel:stunnel:4.38:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.39
cpe:2.3:a:stunnel:stunnel:4.39:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.40
cpe:2.3:a:stunnel:stunnel:4.40:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.41
cpe:2.3:a:stunnel:stunnel:4.41:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.42
cpe:2.3:a:stunnel:stunnel:4.42:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.43
cpe:2.3:a:stunnel:stunnel:4.43:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.44
cpe:2.3:a:stunnel:stunnel:4.44:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.45
cpe:2.3:a:stunnel:stunnel:4.45:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.46
cpe:2.3:a:stunnel:stunnel:4.46:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.47
cpe:2.3:a:stunnel:stunnel:4.47:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.48
cpe:2.3:a:stunnel:stunnel:4.48:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.49
cpe:2.3:a:stunnel:stunnel:4.49:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.50
cpe:2.3:a:stunnel:stunnel:4.50:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.51
cpe:2.3:a:stunnel:stunnel:4.51:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.52
cpe:2.3:a:stunnel:stunnel:4.52:*:*:*:*:*:*:*
stunnel
stunnel
>>stunnel>>4.53
cpe:2.3:a:stunnel:stunnel:4.53:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-94Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://rhn.redhat.com/errata/RHSA-2013-0714.htmlcve@mitre.org
N/A
http://www.debian.org/security/2013/dsa-2664cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2013:130cve@mitre.org
N/A
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097cve@mitre.org
N/A
https://www.stunnel.org/CVE-2013-1762.htmlcve@mitre.org
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0714.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2013/dsa-2664af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2013:130af854a3a-2127-422b-91ae-364da2661108
N/A
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0097af854a3a-2127-422b-91ae-364da2661108
N/A
https://www.stunnel.org/CVE-2013-1762.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Change History
0Changes found
Details not found