Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2001-0060

Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username.

  • Published: Feb 12, 2001
  • Updated: Apr 13, 2023
  • CVE: CVE-2001-0060
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
stunnel / stunnel 3.7 3.7.x
stunnel / stunnel 3.3 3.3.x
stunnel / stunnel 3.4a 3.4a.x
stunnel / stunnel 3.8 3.8.x