This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
The remote Windows host contains a program that is affected by
The version of stunnel installed on the remote host is a version
after 4.21 and prior to 4.55. It is, therefore, affected by the
following vulnerabilities :
- The bundled version of OpenSSL contains an error related
to CBC-mode and timing that allows an attacker to
recover plaintext from encrypted communications.
- A buffer overflow condition exists related to NTLM
authentication. Note this issue does not affect 32-bit
See also :
Upgrade to stunnel version 4.55 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.8
Public Exploit Available : true