Hi, I attached an exploit for: http://online.securityfocus.com/bid/3748/info/ bugtraq id 3748 object class Input Validation Error cve CVE-2002-0002 remote Yes local No published Dec 22, 2001 updated Jan 17, 2002 vulnerable Stunnel Stunnel 3.20 + MandrakeSoft Linux Mandrake 8.1 + MandrakeSoft Linux Mandrake 8.1 ia64 Stunnel Stunnel 3.15 Stunnel Stunnel 3.16 Stunnel Stunnel 3.17 Stunnel Stunnel 3.18 Stunnel Stunnel 3.19 + RedHat Linux 7.2 i386 + RedHat Linux 7.2 ia64 Stunnel Stunnel 3.21 c Stunnel Stunnel 3.21 b Stunnel Stunnel 3.21 a Stunnel Stunnel 3.21 not vulnerable Stunnel Stunnel 3.22 Credit: This vulnerability was originally discovered by Matthias Lange <ml@netuse.de>, and announced via Bugtraq by Brian Hatch <bugtraq@ifokr.org> on December 27, 2001. References: Advisory: MDKSA-2002:004: stunnel (Mandrake) Advisory: RHSA-2002:002-10: Updated stunnel packages available. (RedHat) Message: Stunnel: Format String Bug in versions <3.22 Message: Stunnel: Format String Bug update
Attachment:
w00nf-stunnel.c
Description: application/unknown-content-type-c_auto_file
