CVE-2002-1563

Name of the Vulnerable Software and Affected Versions stunnel versions 4.0.3 and earlier stunnel version 3.22 stunnel version 3.26

Description The issue allows attackers to cause a denial of service via SIGCHLD signal handler race conditions, leading to an inconsistency in the child counter. Multiple vulnerabilities in the stunnel package may lead to a violation of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited both remotely and locally.

Recommendations For stunnel versions 4.0.3 and earlier, update to a version later than 4.0.3 to resolve the issue. For stunnel version 3.22, restrict access to the package to minimize the risk of exploitation until a patch is available. For stunnel version 3.26, consider disabling local access to the package as a temporary workaround until a patch is available.