Unrated severityNVD Advisory· Published May 23, 2008· Updated Jun 16, 2026
CVE-2008-2420
CVE-2008-2420
Description
The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
55cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*+ 54 more
- cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.23:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.25:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.26:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.8p1:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.8p2:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.8p3:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.8p4:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.00:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*
- (no CPE)range: <4.24
Patches
Vulnerability mechanics
References
12- www.securityfocus.com/bid/29309nvdPatch
- secunia.com/advisories/30335nvdVendor Advisory
- secunia.com/advisories/30425nvd
- secunia.com/advisories/31438nvd
- security.gentoo.org/glsa/glsa-200808-08.xmlnvd
- stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.htmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.vupen.com/english/advisories/2008/1569/referencesnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/42528nvd
- www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.htmlnvd
News mentions
0No linked articles in our index yet.