CVE-2001-1030
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | PARTIAL |
Integrity impact | PARTIAL |
Availability impact | PARTIAL |
Summary
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Application | | 3 |
Application | | 1 |
Application | | 2 |
OS | | 4 |
OS | | 1 |
OS | | 3 |
Nessus
NASL family | Mandriva Local Security Checks |
NASL id | MANDRAKE_MDKSA-2001-066.NASL |
description | The Squid proxy server has a serious security flaw in versions 2.3.STABLE2 through 2.3.STABLE4. This problem surfaces when Squid is used in httpd_accel mode. If you configure http_accel_with_proxy off then any request to Squid is allowed. Malicious users may use your proxy to portscan remote systems, forge email, and other activities. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 13881 |
published | 2004-07-31 |
reporter | This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/13881 |
title | Mandrake Linux Security Advisory : squid (MDKSA-2001:066) |
References
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html
- http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01
- http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt
- http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3
- http://www.redhat.com/support/errata/RHSA-2001-097.html
- http://www.securityfocus.com/archive/1/197727
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6862