CVE-2001-1030
Published Jul 18, 2001
Last updated 7 years ago
Overview
- Description
- Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:openlinux_server:3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A218B67-B87B-4A5E-B9EF-EF39ADEAD9FC"
},
{
"criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54"
},
{
"criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E"
},
{
"criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897"
},
{
"criteria": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A188467-3856-4599-A2CD-BD2655974B63"
},
{
"criteria": "cpe:2.3:a:squid:squid_web_proxy:2.3stable3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D5299EE-5CA6-4A9E-9543-BDB0ADF9ED68"
},
{
"criteria": "cpe:2.3:a:squid:squid_web_proxy:2.3stable4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69466E6B-CD99-4A6F-87EE-1CC430573509"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246"
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14"
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D"
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9406727E-365C-466F-8406-82B393537559"
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "13EBB2F7-712E-4CB1-B4B4-5F0851F3D37E"
}
],
"operator": "OR"
}
]
}
]