CVE-2015-3644
Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.
| Software | From | Fixed in |
|---|---|---|
| stunnel / stunnel | 5.13 | 5.13.x |
| stunnel / stunnel | 5.01 | 5.01.x |
| stunnel / stunnel | 5.06 | 5.06.x |
| stunnel / stunnel | 5.04 | 5.04.x |
| stunnel / stunnel | 5.02 | 5.02.x |
| stunnel / stunnel | 5.10 | 5.10.x |
| stunnel / stunnel | 5.12 | 5.12.x |
| stunnel / stunnel | 5.11 | 5.11.x |
| stunnel / stunnel | 5.09 | 5.09.x |
| stunnel / stunnel | 5.07 | 5.07.x |
| stunnel / stunnel | 5.00 | 5.00.x |
| stunnel / stunnel | 5.03 | 5.03.x |
| stunnel / stunnel | 5.08 | 5.08.x |
| stunnel / stunnel | 5.05 | 5.05.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime