RSS   Vulnerabilities for 'Tinyproxy'   RSS

2012-10-09
 
CVE-2012-3505

 

 
tinyproxy before 1.8.3-3 allows remote attackers to cause a denial of service (CPU and memory consumption) via (1) a large number of headers or (2) a large number of forged headers that are hashed into the same bucket.

 
2011-05-02
 
CVE-2011-1843

CWE-189
 

 
Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opportunistic circumstances via a TCP connection, related to improper handling of invalid port numbers.

 
2011-04-29
 
CVE-2011-1499

 

 
acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the origin of web traffic by leveraging the open HTTP proxy server.

 


Copyright 2024, cxsecurity.com

 

Back to Top