CVE-2007-4097

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2007-4097
Tor before 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which allows remote attackers to obtain sensitive information, contrary to specifications.

6.4 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:P

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://archives.seul.org/or/announce/Jul-2007/msg00000.html Patch
http://www.securityfocus.com/bid/25035 Patch
http://secunia.com/advisories/26140 Patch Vendor Advisory
http://osvdb.org/46969
http://www.vupen.com/english/advisories/2007/2634
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:tor:tor:0.1.1.1_alpha:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.1.2_alpha:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.0.10:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.0.11:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.1.20:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.1.23:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.0.12:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.0.13:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.1.3_alpha:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.1.4_alpha:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.0.14:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.2.1_alpha-cvs:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.0.18:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.2.14:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.1.5_alpha:*:*:*:*:*:*:*
Information

Published : 2007-07-30 14:17

Updated : 2011-03-07 18:57

NVD link : CVE-2007-4097

Mitre link : CVE-2007-4097

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

tor

  • tor