Synopsis: Moderate: stunnel security update Issue Date: 2013-04-08 CVE Numbers: CVE-2013-1762 -- An integer conversion issue was found in stunnel when using Microsoft NT LAN Manager (NTLM) authentication with the HTTP CONNECT tunneling method. With this configuration, and using stunnel in SSL client mode on a 64-bit system, an attacker could possibly execute arbitrary code with the privileges of the stunnel process via a man-in-the-middle attack or by tricking a user into using a malicious proxy. (CVE-2013-1762) -- SL6 x86_64 stunnel-4.29-3.el6_4.x86_64.rpm stunnel-debuginfo-4.29-3.el6_4.x86_64.rpm i386 stunnel-4.29-3.el6_4.i686.rpm stunnel-debuginfo-4.29-3.el6_4.i686.rpm - Scientific Linux Development Team