GLSA-201202-08 : stunnel: Arbitrary code execution
High Nessus Plugin ID 58174
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201202-08 (stunnel: Arbitrary code execution)
An unspecified heap vulnerability was discovered in stunnel.
The vulnerability may possibly be leveraged to perform remote code execution or a Denial of Service attack.
There is no known workaround at this time.
SolutionAll stunnel 4.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/stunnel-4.44'