Vulnerabilities > CVE-2011-1843 - Numeric Errors vulnerability in Banu Tinyproxy

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
banu
CWE-189
nessus

Summary

Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opportunistic circumstances via a TCP connection, related to improper handling of invalid port numbers.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2013-16225.NASL
    description - Update to upstream 1.83 - switch to using systemd macros in rpm - update to a PIE hardened build - update to use systemd Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2013-09-22
    plugin id70043
    published2013-09-22
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/70043
    titleFedora 19 : tinyproxy-1.8.3-1.fc19 (2013-16225)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2013-16165.NASL
    description - Update to upstream 1.83 - switch to using systemd macros in rpm - update to a PIE hardened build - update to use systemd Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2013-09-23
    plugin id70052
    published2013-09-23
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/70052
    titleFedora 20 : tinyproxy-1.8.3-1.fc20 (2013-16165)