Description
Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.
Exploits (1)
References (4)
Scores
EPSS
0.0012
EPSS Percentile
29.9%
Details
Status
published
Products (23)
stunnel/stunnel
3.3
stunnel/stunnel
3.4a
stunnel/stunnel
3.7
stunnel/stunnel
3.8
stunnel/stunnel
3.9
stunnel/stunnel
3.10
stunnel/stunnel
3.11
stunnel/stunnel
3.12
stunnel/stunnel
3.13
stunnel/stunnel
3.14
... and 13 more
Published
Oct 20, 2003
Tracked Since
Feb 18, 2026