253 matches found
Tinyproxy < 1.10.0 DoS Vulnerability
Tinyproxy is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:banu:tinyproxy"; if...
CVE-2017-11747
main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...
UBUNTU-CVE-2017-11747
main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...
CVE-2017-11747
main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...
DEBIAN-CVE-2017-11747
main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...
Command injection
main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...
CVE-2017-11747
main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...
CVE-2017-11747
main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...
CVE-2017-11747
main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...
CVE-2017-11747
CVE-2017-11747 affects Tinyproxy (1.8.4 and older): main.c creates /run/tinyproxy/tinyproxy.pid after dropping privileges to a non-root account, allowing local users to modify the PID file and potentially kill the process via a root script that executes kill cat /run/tinyproxy/tinyproxy.pid. Seve...
Tinyproxy < 1.8.3 Multiple Security Bypass Vulnerabilities
Tinyproxy is prone to multiple security bypass vulnerabilities. SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later CPE =...
Tinyproxy Detection (HTTP)
HTTP based detection of Tinyproxy. SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.111080"...
Tinyproxy < 1.8.4 Multiple DoS Vulnerabilities
Tinyproxy is prone to multiple remote denial of service DoS vulnerabilities that affect the SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Gentoo Security Advisory GLSA 201312-15
Gentoo Linux Local Security Checks GLSA 201312-15 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
tinyproxy: denial of service
It was discovered that a remote attacker is able to cause a denial of service CPU and memory consumption via 1 a large number of headers or 2 a large number of forged headers that predictably trigger hash collisions...
tinyproxy tinyproxy 1.3.2/1.3.3 Heap Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2217/info Versions 1.3.2 and 1.3.3 of tinyproxy, a small HTTP proxy, exhibit a vulnerability to heap overflow attacks. A failure to properly validate user-supplied input which arguments a call to sprintf can allow...
openSUSE Security Update : tinyproxy (openSUSE-SU-2013:1201-1)
Tinyproxy allowed remote attackers to cause a denial of service CPU and memory consumption via 1 a large number of headers or 2 a large number of forged headers that trigger hash collisions predictably. bucket. This update fixes this by limiting headers and improving the hash keying. %NASLMINLEVE...
GLSA-201312-15 : Tinyproxy: Denial of Service
The remote host is affected by the vulnerability described in GLSA-201312-15 Tinyproxy: Denial of Service A vulnerability has been discovered in the way how Tinyproxy works with headers. Impact : A remote attacker could send a specially crafted request with too many headers, possibly resulting in...
Tinyproxy: Denial of service
Background Tinyproxy is a light-weight HTTP/HTTPS proxy daemon for POSIX operating systems. Description A vulnerability has been discovered in the way how Tinyproxy works with headers. Impact A remote attacker could send a specially crafted request with too many headers, possibly resulting in a...
Fedora Update for tinyproxy FEDORA-2013-16225
Check for the Version of tinyproxy OpenVAS Vulnerability Test Fedora Update for tinyproxy FEDORA-2013-16225 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...