Unrated severityNVD Advisory· Published Apr 29, 2011· Updated Jun 16, 2026
CVE-2011-1499
CVE-2011-1499
Description
acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the origin of web traffic by leveraging the open HTTP proxy server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
53cpe:2.3:a:banu:tinyproxy:*:*:*:*:*:*:*:*+ 51 more
- cpe:2.3:a:banu:tinyproxy:*:*:*:*:*:*:*:*range: <=1.8.2
- cpe:2.3:a:banu:tinyproxy:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.0:pre1:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.0:pre2:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.0:pre3:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.0:pre4:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.0:pre5:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.0:pre6:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.0:rc10:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.0:rc5:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.0:rc6:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.0:rc7:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.0:rc8:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.0:rc9:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.1:pre1:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.1:pre2:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.1:pre3:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.1:pre4:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.1:pre5:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.1:pre6:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.1:rc2:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.1:rc3:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.1:rc4:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.2:rc2:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.5.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.6.0:a:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.6.0:pre1:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.6.0:pre2:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.6.0:pre3:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.6.0:pre4:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.6.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.6.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.6.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:banu:tinyproxy:1.8.1:*:*:*:*:*:*:*
- (no CPE)range: <1.8.3
Patches
Vulnerability mechanics
References
9- bugs.debian.org/cgi-bin/bugreport.cginvdIssue TrackingPatch
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatch
- openwall.com/lists/oss-security/2011/04/07/9nvdMailing ListThird Party Advisory
- openwall.com/lists/oss-security/2011/04/08/3nvdMailing ListThird Party Advisory
- www.debian.org/security/2011/dsa-2222nvdThird Party Advisory
- banu.com/bugzilla/show_bug.cginvdBroken Link
- banu.com/cgit/tinyproxy/diff/nvdBroken Link
- secunia.com/advisories/44274nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/67256nvd
News mentions
0No linked articles in our index yet.