Mandrake Linux Security Advisory : stunnel (MDKSA-2003:108)
Medium Nessus Plugin ID 14090
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionA vulnerability was discovered in stunnel versions 3.24 and earlier, as well as 4.00, by Steve Grubb. It was found that stunnel leaks a critical file descriptor that can be used to hijack stunnel's services.
All users are encouraged to upgrade to these packages. Note that the version of stunnel provided with Mandrake Linux 9.1 and above is not vulnerable to this problem.
SolutionUpdate the affected stunnel package.