CVE-2001-1030

Published: Jul 18, 2001Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.

Affected (15)

Products: Caldera: Openlinux Server · Immunix: Immunix · Mandrakesoft: Mandrake Single Network Firewall, Mandrake Linux, Mandrake Linux Corporate Server · +3 more

Show all products

Caldera: Openlinux Server · Immunix: Immunix · Mandrakesoft: Mandrake Single Network Firewall, Mandrake Linux, Mandrake Linux Corporate Server · Squid: Squid Web Proxy · Redhat: Linux · Trustix: Secure Linux

1 product

1 product

3 products

Mandrake Single Network Firewall

Mandrake Linux

Mandrake Linux Corporate Server

1 product

1 product

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Caldera Openlinux Server	Version 3.1
Immunix Immunix	Version 6.2
Immunix Immunix	Version 7.0
Immunix Immunix	Version 7.0_beta
Mandrakesoft Mandrake Single Network Firewall	Version 7.2
Squid Squid Web Proxy	Version 2.3stable3
Squid Squid Web Proxy	Version 2.3stable4

Configuration B

8 vulnerable

Vulnerable Software	Affected Versions
Mandrakesoft Mandrake Linux	Version 7.1
Mandrakesoft Mandrake Linux	Version 7.2
Mandrakesoft Mandrake Linux	Version 8.0
Mandrakesoft Mandrake Linux Corporate Server	Version 1.0.1
Redhat Linux	Version 7.0
Trustix Secure Linux	Version 1.01
Trustix Secure Linux	Version 1.1
Trustix Secure Linux	Version 1.2