CVE

Id
49411  
CVE No.
CVE-2011-1499  
Status
Candidate  
Description
acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the origin of web traffic by leveraging the open HTTP proxy server.  
Phase
Assigned (20110321)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
536355 49411 CVE-2011-1499 MLIST:[oss-security] 20110407 CVE request: tinyproxy runs as an open proxy when attempting to restrict allowable IP ranges  View
536356 49411 CVE-2011-1499 URL:http://openwall.com/lists/oss-security/2011/04/07/9  View
536357 49411 CVE-2011-1499 MLIST:[oss-security] 20110408 Re: CVE request: tinyproxy runs as an open proxy when attempting to restrict allowable IP ranges  View
536358 49411 CVE-2011-1499 URL:http://openwall.com/lists/oss-security/2011/04/08/3  View
536359 49411 CVE-2011-1499 CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621493  View
536360 49411 CVE-2011-1499 CONFIRM:https://banu.com/bugzilla/show_bug.cgi?id=90  View
536361 49411 CVE-2011-1499 CONFIRM:https://banu.com/cgit/tinyproxy/diff/?id=e8426f6662dc467bd1d827100481b95d9a4a23e4  View
536362 49411 CVE-2011-1499 CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=694658  View
536363 49411 CVE-2011-1499 DEBIAN:DSA-2222  View
536364 49411 CVE-2011-1499 URL:http://www.debian.org/security/2011/dsa-2222  View
536365 49411 CVE-2011-1499 SECUNIA:44274  View
536366 49411 CVE-2011-1499 URL:http://secunia.com/advisories/44274  View
536367 49411 CVE-2011-1499 XF:tinyproxy-aclc-sec-bypass(67256)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
37817 JVNDB-2010-003602 Liferay Portal CE におけるクロスサイトスクリプティングの脆弱性 Liferay Portal Community Edition (CE) には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2011-1504 49411 3.5 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003602.html  View