CVE-2015-3644 - OpenCVE

Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Stunnel	Stunnel

Configuration 1 [-]

OR	cpe:2.3:a:stunnel:stunnel:5.00:::::::*
	cpe:2.3:a:stunnel:stunnel:5.01:::::::*
	cpe:2.3:a:stunnel:stunnel:5.02:::::::*
	cpe:2.3:a:stunnel:stunnel:5.03:::::::*
	cpe:2.3:a:stunnel:stunnel:5.04:::::::*
	cpe:2.3:a:stunnel:stunnel:5.05:::::::*
	cpe:2.3:a:stunnel:stunnel:5.06:::::::*
	cpe:2.3:a:stunnel:stunnel:5.07:::::::*
	cpe:2.3:a:stunnel:stunnel:5.08:::::::*
	cpe:2.3:a:stunnel:stunnel:5.09:::::::*
	cpe:2.3:a:stunnel:stunnel:5.10:::::::*
	cpe:2.3:a:stunnel:stunnel:5.11:::::::*
	cpe:2.3:a:stunnel:stunnel:5.12:::::::*
	cpe:2.3:a:stunnel:stunnel:5.13:::::::*

References

Link	Resource
http://www.debian.org/security/2015/dsa-3299
http://www.securityfocus.com/bid/74659
http://www.securitytracker.com/id/1032324
https://www.stunnel.org/CVE-2015-3644.html	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2015-05-14T00:00:00

Updated: 2016-12-23T18:57:01

Reserved: 2015-05-04T00:00:00

Link: CVE-2015-3644

JSON object: View

NVD Information

Status : Modified

Published: 2015-05-14T00:59:06.147

Modified: 2016-12-28T02:59:14.043

Link: CVE-2015-3644

JSON object: View

Redhat Information

No data.

CWE

CWE-284

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-05-05T00:00:00", "descriptions": [{"lang": "en", "value": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-23T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "DSA-3299", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2015/dsa-3299"}, {"name": "74659", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/74659"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.stunnel.org/CVE-2015-3644.html"}, {"name": "1032324", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1032324"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-3644", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-3299", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3299"}, {"name": "74659", "refsource": "BID", "url": "http://www.securityfocus.com/bid/74659"}, {"name": "https://www.stunnel.org/CVE-2015-3644.html", "refsource": "CONFIRM", "url": "https://www.stunnel.org/CVE-2015-3644.html"}, {"name": "1032324", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032324"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-3644", "datePublished": "2015-05-14T00:00:00", "dateReserved": "2015-05-04T00:00:00", "dateUpdated": "2016-12-23T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:stunnel:stunnel:5.00:*:*:*:*:*:*:*", "matchCriteriaId": "86A9A9F5-B193-44DC-88EF-D0409AB2CD42", "vulnerable": true}, {"criteria": "cpe:2.3:a:stunnel:stunnel:5.01:*:*:*:*:*:*:*", "matchCriteriaId": "4AD482D3-F96B-41EB-BEF2-ED59A2B2E77B", "vulnerable": true}, {"criteria": "cpe:2.3:a:stunnel:stunnel:5.02:*:*:*:*:*:*:*", "matchCriteriaId": "79CCAF8F-FAB6-40B5-8752-0E5AA6CDC0CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:stunnel:stunnel:5.03:*:*:*:*:*:*:*", "matchCriteriaId": "59AE589F-7747-4F46-A58F-608AB7110B46", "vulnerable": true}, {"criteria": "cpe:2.3:a:stunnel:stunnel:5.04:*:*:*:*:*:*:*", "matchCriteriaId": "14F8AE5A-BCBB-4F41-862D-D930CAA67B61", "vulnerable": true}, {"criteria": "cpe:2.3:a:stunnel:stunnel:5.05:*:*:*:*:*:*:*", "matchCriteriaId": "E881D0A8-5BA1-41FC-9743-262CAB3BCD08", "vulnerable": true}, {"criteria": "cpe:2.3:a:stunnel:stunnel:5.06:*:*:*:*:*:*:*", "matchCriteriaId": "5636BFAF-4A5C-4002-B6BB-75B6F6BD534D", "vulnerable": true}, {"criteria": "cpe:2.3:a:stunnel:stunnel:5.07:*:*:*:*:*:*:*", "matchCriteriaId": "C9B042A1-00CF-40CD-BAA2-1E2FFBE6FEE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:stunnel:stunnel:5.08:*:*:*:*:*:*:*", "matchCriteriaId": "26F8ECBC-35ED-4736-9EA3-E439747E4249", "vulnerable": true}, {"criteria": "cpe:2.3:a:stunnel:stunnel:5.09:*:*:*:*:*:*:*", "matchCriteriaId": "5A40647D-D3F4-4BB8-9A20-66366E330EF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:stunnel:stunnel:5.10:*:*:*:*:*:*:*", "matchCriteriaId": "D933945A-4FFE-4A90-B5A7-D375E36F5D90", "vulnerable": true}, {"criteria": "cpe:2.3:a:stunnel:stunnel:5.11:*:*:*:*:*:*:*", "matchCriteriaId": "9B9E126F-CC19-4C4D-BB98-D4A21D7B84C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:stunnel:stunnel:5.12:*:*:*:*:*:*:*", "matchCriteriaId": "60862632-E37E-40D4-8153-FE82CFD0E011", "vulnerable": true}, {"criteria": "cpe:2.3:a:stunnel:stunnel:5.13:*:*:*:*:*:*:*", "matchCriteriaId": "D2774924-2867-42CF-AFFB-996809126E31", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication."}, {"lang": "es", "value": "Stunnel 5.00 hasta 5.13, cuando utiliza la opci\u00f3n de redirecci\u00f3n, no redirige las conexiones de clientes al servidor esperado despu\u00e9s de la conexi\u00f3n inicial, lo que permite a atacantes remotos evadir la autenticaci\u00f3n."}], "id": "CVE-2015-3644", "lastModified": "2016-12-28T02:59:14.043", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-05-14T00:59:06.147", "references": [{"source": "cve@mitre.org", "url": "http://www.debian.org/security/2015/dsa-3299"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/74659"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1032324"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.stunnel.org/CVE-2015-3644.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "nvd@nist.gov", "type": "Primary"}]}