Tor before 0.1.2.15 can select a guard node beyond the first listed never-before-connected-to guard node, which allows remote attackers with control of certain guard nodes to obtain sensitive information and possibly leverage further attacks.
References
Link | Resource |
---|---|
http://archives.seul.org/or/announce/Jul-2007/msg00000.html | Patch |
http://www.securityfocus.com/bid/25035 | Patch |
http://secunia.com/advisories/26140 | Patch Vendor Advisory |
http://osvdb.org/46971 | |
http://www.vupen.com/english/advisories/2007/2634 |
Configurations
Configuration 1 (hide)
|
Information
Published : 2007-07-30 14:17
Updated : 2011-03-07 18:57
NVD link : CVE-2007-4099
Mitre link : CVE-2007-4099
JSON object : View
CWE
Products Affected
tor
- tor