FreeBSD : stunnel -- Remote Code Execution (c97219b6-843d-11e2-b131-000c299b62e1)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Michal Trojnara reports :

64-bit versions of stunnel with the following conditions : * NTLM
authentication enabled * CONNECT protocol negotiation enabled *
Configured in SSL client mode * An attacker that can either control
the proxy server specified in the 'connect' option or execute MITM
attacks on the TCP session between stunnel and the proxy

Can be exploited for remote code execution. The code is executed
within the configured chroot directory, with privileges of the
configured user and group.

See also :

https://www.stunnel.org/CVE-2013-1762.html
http://www.nessus.org/u?50947410

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 6.6
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 65003 ()

Bugtraq ID:

CVE ID: CVE-2013-1762

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now