Detections
Analytics

FreeBSD : tinyproxy -- ACL lists ineffective when range is configured (b9281fb9-61b2-11e0-b1ce-0019d1a7ece2)

low Nessus Plugin ID 53347

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

When including a line to allow a network of IP addresses, the access to tinyproxy 56 is actually allowed for all IP addresses.

Solution

Update the affected package.

See Also

https://banu.com/bugzilla/show_bug.cgi?id=90

http://www.nessus.org/u?11750616

Plugin Details

Severity: Low

ID: 53347

File Name: freebsd_pkg_b9281fb961b211e0b1ce0019d1a7ece2.nasl

Version: 1.8

Type: local

Published: 4/11/2011

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.7

CVSS v2

Risk Factor: Low

Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:tinyproxy, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 4/8/2011

Vulnerability Publication Date: 5/18/2010

Reference Information

CVE: CVE-2011-1499