Lucene search
PRIOn knowledge basePRION:CVE-2011-1499HistoryApr 29, 2011 - 10:55 p.m.
Design/Logic Flaw
2011-04-2922:55:00
PRIOn knowledge base
www.prio-n.com
3
acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the origin of web traffic by leveraging the open HTTP proxy server.
References
bugs.debian.org/cgi-bin/bugreport.cgi?bug=621493
openwall.com/lists/oss-security/2011/04/07/9
openwall.com/lists/oss-security/2011/04/08/3
secunia.com/advisories/44274
www.debian.org/security/2011/dsa-2222
banu.com/bugzilla/show_bug.cgi?id=90
banu.com/cgit/tinyproxy/diff/?id=e8426f6662dc467bd1d827100481b95d9a4a23e4
bugzilla.redhat.com/show_bug.cgi?id=694658
exchange.xforce.ibmcloud.com/vulnerabilities/67256
Related
openvas
openvas
Debian Security Advisory DSA 2222-1 (tinyproxy)
2011-05-12 00:00:00
FreeBSD Ports: tinyproxy
2011-05-12 00:00:00
FreeBSD Ports: tinyproxy
2011-05-12 00:00:00
nessus
nessus
FreeBSD : tinyproxy -- ACL lists ineffective when range is configured (b9281fb9-61b2-11e0-b1ce-0019d1a7ece2)
2011-04-11 00:00:00
Debian DSA-2222-1 : tinyproxy - incorrect ACL processing
2011-04-21 00:00:00
Fedora 20 : tinyproxy-1.8.3-1.fc20 (2013-16165)
2013-09-23 00:00:00
cvelist
cvelist
CVE-2011-1499
2011-04-29 22:00:00
ubuntucve
ubuntucve
CVE-2011-1499
2011-04-29 00:00:00
freebsd
freebsd
tinyproxy -- ACL lists ineffective when range is configured
2010-05-18 00:00:00
seebug
seebug
Tinyproxy 'conf.c'整数溢出安全绕过漏洞
2011-05-08 00:00:00
debian
debian
[SECURITY] [DSA 2222-1] tinyproxy security update
2011-04-20 17:16:14
debiancve
debiancve
CVE-2011-1499
2011-04-29 22:55:00
nvd
nvd
CVE-2011-1499
2011-04-29 22:55:00
cve
cve
CVE-2011-1499
2011-04-29 22:55:00
fedora
fedora
[SECURITY] Fedora 19 Update: tinyproxy-1.8.3-1.fc19
2013-09-21 08:33:48
[SECURITY] Fedora 20 Update: tinyproxy-1.8.3-1.fc20
2013-09-23 00:01:57