Hello Stunnel Users Forum! I wonder if anyone may have suggestions of what, if anything can be done to surmount a reported vulnerability for Stunnel versions prior to 5.34. I have limited savvy in this arena so please excuse this "Stunnel for Dummies" question.
The following statements surfaced in a "security vulnerabilities" report...
The version of stunnel installed on the remote host is 4.46 or later but prior to 5.34. It is, therefore, affected by a security bypass vulnerability related to the validation of level 4 peer certificates. An unauthenticated, remote attacker can exploit this to have an impact on confidentiality, integrity, and/or availability. No other details are available.
I am of the mind that perhaps an entry in Stunnel.conf until we can deploy an upgrade?
Thanks in advance for any feedback! Upgrade to stunnel version 5.34 or later.