CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2012-3505

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0360%
EPSS Percentile27.88th
Published2012年10月9日
Last Modified2026年4月29日

Vulnerability Description

Tinyproxy 1.8.3 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via (1) a large number of headers or (2) a large number of forged headers that trigger hash collisions predictably. bucket.

Affected Platforms (CPE)

📦
Banu

Tinyproxy

<= 1.8.3
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.0
📦
Banu

Tinyproxy

= 1.5.1
📦
Banu

Tinyproxy

= 1.5.1
📦
Banu

Tinyproxy

= 1.5.1
📦
Banu

Tinyproxy

= 1.5.1
📦
Banu

Tinyproxy

= 1.5.1
📦
Banu

Tinyproxy

= 1.5.1
📦
Banu

Tinyproxy

= 1.5.1
📦
Banu

Tinyproxy

= 1.5.1
📦
Banu

Tinyproxy

= 1.5.1
📦
Banu

Tinyproxy

= 1.5.1
📦
Banu

Tinyproxy

= 1.5.1
📦
Banu

Tinyproxy

= 1.5.2
📦
Banu

Tinyproxy

= 1.5.2
📦
Banu

Tinyproxy

= 1.5.2
📦
Banu

Tinyproxy

= 1.5.3
📦
Banu

Tinyproxy

= 1.5.3
📦
Banu

Tinyproxy

= 1.6.0
📦
Banu

Tinyproxy

= 1.6.0
📦
Banu

Tinyproxy

= 1.6.0
📦
Banu

Tinyproxy

= 1.6.0
📦
Banu

Tinyproxy

= 1.6.0
📦
Banu

Tinyproxy

= 1.6.0
📦
Banu

Tinyproxy

= 1.6.0
📦
Banu

Tinyproxy

= 1.6.0
📦
Banu

Tinyproxy

= 1.6.0
📦
Banu

Tinyproxy

= 1.6.1
📦
Banu

Tinyproxy

= 1.6.2
📦
Banu

Tinyproxy

= 1.6.3
📦
Banu

Tinyproxy

= 1.6.4
📦
Banu

Tinyproxy

= 1.6.5
📦
Banu

Tinyproxy

= 1.7.0
📦
Banu

Tinyproxy

= 1.7.1
📦
Banu

Tinyproxy

= 1.8.0
📦
Banu

Tinyproxy

= 1.8.1
📦
Banu

Tinyproxy

= 1.8.2

References & Advisories

🔗 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685281
🔗 http://secunia.com/advisories/50278
🔗 http://secunia.com/advisories/51074
🔗 http://www.debian.org/security/2012/dsa-2564
🔗 http://www.openwall.com/lists/oss-security/2012/08/17/3
🔗 http://www.openwall.com/lists/oss-security/2012/08/18/1
🔗 http://www.securitytracker.com/id?1027412
🔗 https://banu.com/bugzilla/show_bug.cgi?id=110

相關漏洞威脅

CVE-2001-012910.0

Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execut...

CVE-2002-08477.5

tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (d...

CVE-2011-18436.8

Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opport...

CVE-2017-117475.5

main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account,...

CVE-2012-3505 Detail & Impact Analysis | CVSS 5.0 (MEDIUM) | Cyber-Sec.Space | Cyber-Sec.Space