CVE-2011-1499

EPSS 0.78%
Veröffentlicht 29.04.2011 22:55:00
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the origin of web traffic by leveraging the open HTTP proxy server.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Banu ≫ Tinyproxy Version <= 1.8.2

Banu ≫ Tinyproxy Version1.5.0

Banu ≫ Tinyproxy Version1.5.0 Updatepre1

Banu ≫ Tinyproxy Version1.5.0 Updatepre2

Banu ≫ Tinyproxy Version1.5.0 Updatepre3

Banu ≫ Tinyproxy Version1.5.0 Updatepre4

Banu ≫ Tinyproxy Version1.5.0 Updatepre5

Banu ≫ Tinyproxy Version1.5.0 Updatepre6

Banu ≫ Tinyproxy Version1.5.0 Updaterc1

Banu ≫ Tinyproxy Version1.5.0 Updaterc10

Banu ≫ Tinyproxy Version1.5.0 Updaterc2

Banu ≫ Tinyproxy Version1.5.0 Updaterc4

Banu ≫ Tinyproxy Version1.5.0 Updaterc5

Banu ≫ Tinyproxy Version1.5.0 Updaterc6

Banu ≫ Tinyproxy Version1.5.0 Updaterc7

Banu ≫ Tinyproxy Version1.5.0 Updaterc8

Banu ≫ Tinyproxy Version1.5.0 Updaterc9

Banu ≫ Tinyproxy Version1.5.1

Banu ≫ Tinyproxy Version1.5.1 Updatepre1

Banu ≫ Tinyproxy Version1.5.1 Updatepre2

Banu ≫ Tinyproxy Version1.5.1 Updatepre3

Banu ≫ Tinyproxy Version1.5.1 Updatepre4

Banu ≫ Tinyproxy Version1.5.1 Updatepre5

Banu ≫ Tinyproxy Version1.5.1 Updatepre6

Banu ≫ Tinyproxy Version1.5.1 Updaterc1

Banu ≫ Tinyproxy Version1.5.1 Updaterc2

Banu ≫ Tinyproxy Version1.5.1 Updaterc3

Banu ≫ Tinyproxy Version1.5.1 Updaterc4

Banu ≫ Tinyproxy Version1.5.2

Banu ≫ Tinyproxy Version1.5.2 Updaterc1

Banu ≫ Tinyproxy Version1.5.2 Updaterc2

Banu ≫ Tinyproxy Version1.5.3

Banu ≫ Tinyproxy Version1.5.3 Updaterc1

Banu ≫ Tinyproxy Version1.6.0

Banu ≫ Tinyproxy Version1.6.0 Updatea

Banu ≫ Tinyproxy Version1.6.0 Updatepre1

Banu ≫ Tinyproxy Version1.6.0 Updatepre2

Banu ≫ Tinyproxy Version1.6.0 Updatepre3

Banu ≫ Tinyproxy Version1.6.0 Updatepre4

Banu ≫ Tinyproxy Version1.6.0 Updaterc1

Banu ≫ Tinyproxy Version1.6.0 Updaterc2

Banu ≫ Tinyproxy Version1.6.0 Updaterc3

Banu ≫ Tinyproxy Version1.6.1

Banu ≫ Tinyproxy Version1.6.2

Banu ≫ Tinyproxy Version1.6.3

Banu ≫ Tinyproxy Version1.6.4

Banu ≫ Tinyproxy Version1.6.5

Banu ≫ Tinyproxy Version1.7.0

Banu ≫ Tinyproxy Version1.7.1

Banu ≫ Tinyproxy Version1.8.0

Banu ≫ Tinyproxy Version1.8.1

Debian ≫ Debian Linux Version6.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.78%	0.714

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:N/I:P/A:N

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621493

Patch

Issue Tracking

http://openwall.com/lists/oss-security/2011/04/07/9

Third Party Advisory

Mailing List

http://openwall.com/lists/oss-security/2011/04/08/3

Third Party Advisory

Mailing List

http://secunia.com/advisories/44274

http://www.debian.org/security/2011/dsa-2222

Third Party Advisory

https://banu.com/bugzilla/show_bug.cgi?id=90

Broken Link

https://banu.com/cgit/tinyproxy/diff/?id=e8426f6662dc467bd1d827100481b95d9a4a23e4

Broken Link

https://bugzilla.redhat.com/show_bug.cgi?id=694658

Patch

Issue Tracking

https://exchange.xforce.ibmcloud.com/vulnerabilities/67256

https://nvd.nist.gov/vuln/detail/CVE-2011-1499

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-1499

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-1499

EUVD