CVE-2001-1030
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2001-07-18 CVE Published
- 2002-01-31 CVE Reserved
- 2024-05-25 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/6862 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html | 2017-10-10 | |
| http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01 | 2017-10-10 | |
| http://www.redhat.com/support/errata/RHSA-2001-097.html | 2017-10-10 | |
| http://www.securityfocus.com/archive/1/197727 | 2017-10-10 |
| URL | Date | SRC |
|---|---|---|
| http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt | 2017-10-10 | |
| http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3 | 2017-10-10 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Caldera Search vendor "Caldera" | Openlinux Server Search vendor "Caldera" for product "Openlinux Server" | 3.1 Search vendor "Caldera" for product "Openlinux Server" and version "3.1" | - |
Affected
| ||||||
| Immunix Search vendor "Immunix" | Immunix Search vendor "Immunix" for product "Immunix" | 6.2 Search vendor "Immunix" for product "Immunix" and version "6.2" | - |
Affected
| ||||||
| Immunix Search vendor "Immunix" | Immunix Search vendor "Immunix" for product "Immunix" | 7.0 Search vendor "Immunix" for product "Immunix" and version "7.0" | - |
Affected
| ||||||
| Immunix Search vendor "Immunix" | Immunix Search vendor "Immunix" for product "Immunix" | 7.0_beta Search vendor "Immunix" for product "Immunix" and version "7.0_beta" | - |
Affected
| ||||||
| Mandrakesoft Search vendor "Mandrakesoft" | Mandrake Single Network Firewall Search vendor "Mandrakesoft" for product "Mandrake Single Network Firewall" | 7.2 Search vendor "Mandrakesoft" for product "Mandrake Single Network Firewall" and version "7.2" | - |
Affected
| ||||||
| Squid Search vendor "Squid" | Squid Web Proxy Search vendor "Squid" for product "Squid Web Proxy" | 2.3stable3 Search vendor "Squid" for product "Squid Web Proxy" and version "2.3stable3" | - |
Affected
| ||||||
| Squid Search vendor "Squid" | Squid Web Proxy Search vendor "Squid" for product "Squid Web Proxy" | 2.3stable4 Search vendor "Squid" for product "Squid Web Proxy" and version "2.3stable4" | - |
Affected
| ||||||
| Mandrakesoft Search vendor "Mandrakesoft" | Mandrake Linux Search vendor "Mandrakesoft" for product "Mandrake Linux" | 7.1 Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "7.1" | - |
Affected
| ||||||
| Mandrakesoft Search vendor "Mandrakesoft" | Mandrake Linux Search vendor "Mandrakesoft" for product "Mandrake Linux" | 7.2 Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "7.2" | - |
Affected
| ||||||
| Mandrakesoft Search vendor "Mandrakesoft" | Mandrake Linux Search vendor "Mandrakesoft" for product "Mandrake Linux" | 8.0 Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "8.0" | - |
Affected
| ||||||
| Mandrakesoft Search vendor "Mandrakesoft" | Mandrake Linux Corporate Server Search vendor "Mandrakesoft" for product "Mandrake Linux Corporate Server" | 1.0.1 Search vendor "Mandrakesoft" for product "Mandrake Linux Corporate Server" and version "1.0.1" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Linux Search vendor "Redhat" for product "Linux" | 7.0 Search vendor "Redhat" for product "Linux" and version "7.0" | - |
Affected
| ||||||
| Trustix Search vendor "Trustix" | Secure Linux Search vendor "Trustix" for product "Secure Linux" | 1.1 Search vendor "Trustix" for product "Secure Linux" and version "1.1" | - |
Affected
| ||||||
| Trustix Search vendor "Trustix" | Secure Linux Search vendor "Trustix" for product "Secure Linux" | 1.01 Search vendor "Trustix" for product "Secure Linux" and version "1.01" | - |
Affected
| ||||||
| Trustix Search vendor "Trustix" | Secure Linux Search vendor "Trustix" for product "Secure Linux" | 1.2 Search vendor "Trustix" for product "Secure Linux" and version "1.2" | - |
Affected
| ||||||