Back to CVE Browser

CVE-2001-0129

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0410%

EPSS Percentile16.25th

PublishedMar 12, 2001

Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request.

Affected Platforms (CPE)

📦

Tinyproxy

Tinyproxy

<= 1.3.2

📦

Tinyproxy

Tinyproxy

= 1.3.3

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=97975486527750&w=2

🔗 http://www.debian.org/security/2001/dsa-018

🔗 http://www.securityfocus.com/bid/2217

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5954

🔗 http://marc.info/?l=bugtraq&m=97975486527750&w=2

🔗 http://www.debian.org/security/2001/dsa-018

🔗 http://www.securityfocus.com/bid/2217

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5954

Related Vulnerabilities

CVE-2002-08477.5

tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (d...

CVE-2011-18436.8

Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opport...

CVE-2017-117475.5

main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account,...

CVE-2012-35055.0

Tinyproxy 1.8.3 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via (1) a large numb...