CVE-2003-0740

NameCVE-2003-0740
DescriptionStunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs278942

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
stunnel4 (PTS)buster3:5.50-3fixed
bullseye3:5.56+dfsg-10fixed
bookworm3:5.68-2+deb12u1fixed
sid, trixie3:5.72-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
stunnelsource(unstable)2:3.26278942
stunnel4source(unstable)2:4.04

Search for package or bug name: Reporting problems