Vulnerability Database

289,689

Total vulnerabilities in the database

CVE-2008-2420

The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.

  • Published: May 23, 2008
  • Updated: Apr 13, 2023
  • CVE: CVE-2008-2420
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
stunnel / stunnel 4.21 4.21.x
stunnel / stunnel 4.13 4.13.x
stunnel / stunnel 4.02 4.02.x
stunnel / stunnel 4.20 4.20.x
stunnel / stunnel 4.00 4.00.x
stunnel / stunnel 3.21c 3.21c.x
stunnel / stunnel 3.7 3.7.x
stunnel / stunnel 4.07 4.07.x
stunnel / stunnel 4.09 4.09.x
stunnel / stunnel 3.8p1 3.8p1.x
stunnel / stunnel 3.6 3.6.x
stunnel / stunnel 4.18 4.18.x
stunnel / stunnel 4.15 4.15.x
stunnel / stunnel 3.21b 3.21b.x
stunnel / stunnel 3.14 3.14.x
stunnel / stunnel 3.4a 3.4a.x
stunnel / stunnel 3.22 3.22.x
stunnel / stunnel 3.18 3.18.x
stunnel / stunnel 3.20 3.20.x
stunnel / stunnel 4.12 4.12.x
stunnel / stunnel 4.04 4.04.x
stunnel / stunnel 3.15 3.15.x
stunnel / stunnel 4.05 4.05.x
stunnel / stunnel 3.24 3.24.x
stunnel / stunnel 3.11 3.11.x
stunnel / stunnel 3.8 3.8.x
stunnel / stunnel 4.22 4.22.x
stunnel / stunnel 3.21 3.21.x
stunnel / stunnel 3.8p4 3.8p4.x
stunnel / stunnel 4.14 4.14.x
stunnel / stunnel 3.13 3.13.x
stunnel / stunnel 4.16 4.16.x
stunnel / stunnel 3.23 3.23.x
stunnel / stunnel 3.17 3.17.x
stunnel / stunnel 3.5 3.5.x
stunnel / stunnel 4.19 4.19.x
stunnel / stunnel 4.10 4.10.x
stunnel / stunnel 3.8p3 3.8p3.x
stunnel / stunnel 3.8p2 3.8p2.x
stunnel / stunnel 4.17 4.17.x
stunnel / stunnel 3.10 3.10.x
stunnel / stunnel 3.16 3.16.x
stunnel / stunnel 3.9 3.9.x
stunnel / stunnel 3.12 3.12.x
stunnel / stunnel 3.21a 3.21a.x
stunnel / stunnel 4.23 4.23.x
stunnel / stunnel 4.08 4.08.x
stunnel / stunnel 3.26 3.26.x
stunnel / stunnel 4.06 4.06.x
stunnel / stunnel 3.25 3.25.x
stunnel / stunnel 4.11 4.11.x
stunnel / stunnel 4.01 4.01.x
stunnel / stunnel 4.03 4.03.x
stunnel / stunnel 3.19 3.19.x