acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the origin of web traffic by leveraging the open HTTP proxy server.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2011-04-29T22:00:00

Updated: 2024-08-06T22:28:41.802Z

Reserved: 2011-03-21T00:00:00

Link: CVE-2011-1499

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2011-04-29T22:55:00.937

Modified: 2024-11-21T01:26:27.190

Link: CVE-2011-1499

cve-icon Redhat

No data.