VDB

GCVE-110-MAGEIA-2015-289

GCVE-110-MAGEIA-2015-289
Advisory Published
Vulnetix · Advisory published July 27, 2015
Johan Olofsson discovered an authentication bypass vulnerability in Stunnel, a program designed to work as an universal SSL tunnel for network daemons. When Stunnel in server mode is used with the redirect option and certificate-based authentication is enabled with "verify = 2" or higher, then only the initial connection is redirected to the hosts specified with "redirect". This allows a remote attacker to bypass authentication (CVE-2015-3644).

Affected Products

VendorProductVersionsPlatforms
Mageiastunnel5.03-4.1.mga5 (unaffected), 0 (affected)

Browse GCVE Records

73,738 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›