Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-145
HistoryAug 07, 2002 - 12:00 a.m.

tinyproxy - doubly freed memory

2002-08-0700:00:00
Google
osv.dev
5

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

The authors of tinyproxy, a lightweight HTTP proxy, discovered a bug
in the handling of some invalid proxy requests. Under some
circumstances, an invalid request may result in allocated memory
being freed twice. This can potentially result in the execution of
arbitrary code.

This problem has been fixed in version 1.4.3-2woody2 for the current
stable distribution (woody) and in version 1.4.3-3 for the unstable
distribution (sid). The old stable distribution (potato) is not
affected by this problem.

We recommend that you upgrade your tinyproxy package immediately.

Related

cve 1
openvas 2
debiancve 1
nessus 1
cve
cve
CVE-2002-0847
2002-08-12 04:00:00
openvas
openvas
Debian: Security Advisory (DSA-145)
2008-01-17 00:00:00
Debian Security Advisory DSA 145-1 (tinyproxy)
2008-01-17 00:00:00
debiancve
debiancve
CVE-2002-0847
2002-08-12 04:00:00
nessus
nessus
Debian DSA-145-1 : tinyproxy - doubly freed memory
2004-09-29 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for OSV:DSA-145
cve1openvas2debiancve1nessus1