CVE-2011-1843

The CVE-2011-1843 issue affects Tinyproxy prior to 1.8.3, where an integer overflow in conf.c can allow remote attackers to bypass access restrictions via a TCP connection (improper handling of invalid port numbers). Public references indicate fixes exist in Tinyproxy 1.8.3 or newer; Fedora/OpenV...

CVE-2012-3505

CVE-2012-3505 affects Tinyproxy up to version 1.8.3 (and earlier), enabling remote attackers to cause a denial of service via a flood of headers or forged headers that trigger hash collisions, leading to increased CPU and memory usage. Official advisories and open vulnerability feeds confirm the ...

CVE-2011-1499

Affected software: Tinyproxy (before 1.8.3). Root cause: ACL configuration with CIDR in acl.c permits TCP connections from any IP, effectively making the proxy open. Impact: potential anonymization of traffic as the proxy can be used to hide origin. Remediation: upgrade to Tinyproxy 1.8.3 or appl...