Vulnerability in Caldera Openlinux_server
CVE-2001-1030
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized acti…
EPSS: 0.020 (77.7th percentile) — read the EPSS interpretation.
Affected products
- Caldera Openlinux_server — versions 3.1
- Immunix — versions 6.2, 7.0, 7.0_beta
- Mandrakesoft Mandrake_linux — versions 7.1, 7.2, 8.0
- Mandrakesoft Mandrake_linux_corporate_server — versions 1.0.1
- Mandrakesoft Mandrake_single_network_firewall — versions 7.2
- Squid Squid_web_proxy — versions 2.3stable3, 2.3stable4
- Trustix Secure_linux — versions 1.1, 1.01, 1.2
- Redhat Linux — versions 7.0
- N/a — versions n/a
References
- cve@mitre.org (Vendor Advisory, mailing-list, x_refsource_BUGTRAQ, Patch)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)
- cve@mitre.org (vendor-advisory, Patch, x_refsource_IMMUNIX, Vendor Advisory)
- cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
- cve@mitre.org (x_refsource_CALDERA, vendor-advisory)
- cve@mitre.org (Vendor Advisory, mailing-list, x_refsource_BUGTRAQ, Patch)