CVE-2011-1843

Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opportunistic circumstances via a TCP connection, related to improper handling of invalid port numbers.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
VendorProductVersion
banutinyproxy
𝑥
≤ 1.8.2
banutinyproxy
1.5.0
banutinyproxy
1.5.0:pre1
banutinyproxy
1.5.0:pre2
banutinyproxy
1.5.0:pre3
banutinyproxy
1.5.0:pre4
banutinyproxy
1.5.0:pre5
banutinyproxy
1.5.0:pre6
banutinyproxy
1.5.0:rc1
banutinyproxy
1.5.0:rc10
banutinyproxy
1.5.0:rc2
banutinyproxy
1.5.0:rc4
banutinyproxy
1.5.0:rc5
banutinyproxy
1.5.0:rc6
banutinyproxy
1.5.0:rc7
banutinyproxy
1.5.0:rc8
banutinyproxy
1.5.0:rc9
banutinyproxy
1.5.1
banutinyproxy
1.5.1:pre1
banutinyproxy
1.5.1:pre2
banutinyproxy
1.5.1:pre3
banutinyproxy
1.5.1:pre4
banutinyproxy
1.5.1:pre5
banutinyproxy
1.5.1:pre6
banutinyproxy
1.5.1:rc1
banutinyproxy
1.5.1:rc2
banutinyproxy
1.5.1:rc3
banutinyproxy
1.5.1:rc4
banutinyproxy
1.5.2
banutinyproxy
1.5.2:rc1
banutinyproxy
1.5.2:rc2
banutinyproxy
1.5.3
banutinyproxy
1.5.3:rc1
banutinyproxy
1.6.0
banutinyproxy
1.6.0:a
banutinyproxy
1.6.0:pre1
banutinyproxy
1.6.0:pre2
banutinyproxy
1.6.0:pre3
banutinyproxy
1.6.0:pre4
banutinyproxy
1.6.0:rc1
banutinyproxy
1.6.0:rc2
banutinyproxy
1.6.0:rc3
banutinyproxy
1.6.1
banutinyproxy
1.6.2
banutinyproxy
1.6.3
banutinyproxy
1.6.4
banutinyproxy
1.6.5
banutinyproxy
1.7.0
banutinyproxy
1.7.1
banutinyproxy
1.8.0
banutinyproxy
1.8.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
tinyproxy
bullseye
1.10.0-5
fixed
bullseye (security)
1.10.0-5+deb11u1
fixed
bookworm
1.11.1-2.1+deb12u1
fixed
bookworm (security)
1.11.1-2.1+deb12u1
fixed
sid
1.11.2-1
fixed
trixie
1.11.2-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
tinyproxy
wily
not-affected
vivid
ignored
utopic
ignored
trusty
not-affected
saucy
ignored
raring
ignored
quantal
ignored
precise
not-affected
oneiric
ignored
natty
ignored
maverick
ignored
lucid
ignored
hardy
ignored
dapper
ignored
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/47715
https://banu.com/bugzilla/show_bug.cgi?id=90
https://banu.com/cgit/tinyproxy/diff/?id=97b9984484299b2ce72f8f4fc3706dab8a3a8439
http://www.securityfocus.com/bid/47715
https://banu.com/bugzilla/show_bug.cgi?id=90
https://banu.com/cgit/tinyproxy/diff/?id=97b9984484299b2ce72f8f4fc3706dab8a3a8439