CVE-2011-1843

Severity

68%

Complexity

86%

Confidentiality

106%

Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opportunistic circumstances via a TCP connection, related to improper handling of invalid port numbers.

Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opportunistic circumstances via a TCP connection, related to improper handling of invalid port numbers.

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

Overview

Type

Banu Tinyproxy

First reported 13 years ago

2011-05-03 00:55:00

Last updated 13 years ago

2011-09-07 03:16:00

Affected Software

Banu Tinyproxy 1.5.0 Pre 1

1.5.0

Banu Tinyproxy 1.5.0 Pre 2

1.5.0

Banu Tinyproxy 1.5.0 Pre 3

1.5.0

Banu Tinyproxy 1.5.0 Pre 4

1.5.0

Banu Tinyproxy 1.5.0 Pre 5

1.5.0

Banu Tinyproxy 1.5.0 Pre 6

1.5.0

Banu Tinyproxy 1.5.0 Release Candidate 1

1.5.0

Banu Tinyproxy 1.5.0 Release Candidate 10

1.5.0

Banu Tinyproxy 1.5.0 Release Candidate 2

1.5.0

Banu Tinyproxy 1.5.0 Release Candidate 4

1.5.0

Banu Tinyproxy 1.5.0 Release Candidate 5

1.5.0

Banu Tinyproxy 1.5.0 Release Candidate 6

1.5.0

Banu Tinyproxy 1.5.0 Release Candidate 7

1.5.0

Banu Tinyproxy 1.5.0 Release Candidate 8

1.5.0

Banu Tinyproxy 1.5.1 Pre 1

1.5.1

Banu Tinyproxy 1.5.1 Pre 2

1.5.1

Banu Tinyproxy 1.5.1 Pre 3

1.5.1

Banu Tinyproxy 1.5.1 Pre 4

1.5.1

Banu Tinyproxy 1.5.1 Pre 5

1.5.1

Banu Tinyproxy 1.5.1 Pre 6

1.5.1

Banu Tinyproxy 1.5.1 Release Candidate 1

1.5.1

Banu Tinyproxy 1.5.1 Release Candidate 2

1.5.1

Banu Tinyproxy 1.5.1 Release Candidate 3

1.5.1

Banu Tinyproxy 1.5.1 Release Candidate 4

1.5.1

Banu Tinyproxy 1.5.2 Release Candidate 1

1.5.2

Banu Tinyproxy 1.5.2 Release Candidate 2

1.5.2

Banu Tinyproxy 1.5.3 Release Candidate 1

1.5.3

Banu Tinyproxy 1.6.0 a

1.6.0

Banu Tinyproxy 1.6.0 Pre 1

1.6.0

Banu Tinyproxy 1.6.0 Pre 2

1.6.0

Banu Tinyproxy 1.6.0 Pre 3

1.6.0

Banu Tinyproxy 1.6.0 Pre 4

1.6.0

Banu Tinyproxy 1.6.0 Release Candidate 1

1.6.0

Banu Tinyproxy 1.6.0 Release Candidate 2

1.6.0

Banu Tinyproxy 1.6.0 Release Candidate 3

1.6.0

Banu Tinyproxy 1.6.1

1.6.1

Banu Tinyproxy 1.6.2

1.6.2

Banu Tinyproxy 1.6.3

1.6.3

Banu Tinyproxy 1.6.4

1.6.4

Banu Tinyproxy 1.6.5

1.6.5

Banu Tinyproxy 1.7.0

1.7.0

Banu Tinyproxy 1.7.1

1.7.1

Banu Tinyproxy 1.8.0

1.8.0

Banu Tinyproxy 1.8.1

1.8.1

References

47715

https://banu.com/bugzilla/show_bug.cgi?id=90

Exploit, Patch

https://banu.com/cgit/tinyproxy/diff/?id=97b9984484299b2ce72f8f4fc3706dab8a3a8439

Patch

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.