Total
57 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0383 | 1 Tor | 1 Tor | 2010-02-04 | 5.0 MEDIUM | N/A |
| Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated identity keys for certain directory authorities, which makes it easier for man-in-the-middle attackers to compromise the anonymity of traffic sources and destinations. | |||||
| CVE-2010-0385 | 1 Tor | 1 Tor | 2010-01-25 | 5.0 MEDIUM | N/A |
| Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functioning as a bridge directory authority, allows remote attackers to obtain sensitive information about bridge identities and bridge descriptors via a dbg-stability.txt directory query. | |||||
| CVE-2009-0939 | 1 Tor | 1 Tor | 2009-04-17 | 10.0 HIGH | N/A |
| Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack vectors related to "Spec conformance," as demonstrated using 192.168.0. | |||||
| CVE-2009-0937 | 1 Tor | 1 Tor | 2009-04-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service via unknown vectors. | |||||
| CVE-2009-0936 | 1 Tor | 1 Tor | 2009-04-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to cause a denial of service (infinite loop) via "corrupt votes." | |||||
| CVE-2009-0654 | 1 Tor | 1 Tor | 2009-02-24 | 5.1 MEDIUM | N/A |
| Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors involving (1) replaying, (2) modifying, (3) inserting, or (4) deleting a single cell, and then observing cell recognition errors at the exit router. NOTE: the vendor disputes the significance of this issue, noting that the product's design "accepted end-to-end correlation as an attack that is too expensive to solve." | |||||
| CVE-2007-1103 | 1 Tor | 1 Tor | 2008-11-14 | 4.3 MEDIUM | N/A |
| Tor does not verify a node's uptime and bandwidth advertisements, which allows remote attackers who operate a low resource node to make false claims of greater resources, which places the node into use for many circuits and compromises the anonymity of traffic sources and destinations. | |||||
| CVE-2006-6893 | 1 Tor | 1 Tor | 2008-09-05 | 5.0 MEDIUM | N/A |
| Tor allows remote attackers to discover the IP address of a hidden service by accessing this service at a high rate, thereby changing the server's CPU temperature and consequently changing the pattern of time values visible through (1) ICMP timestamps, (2) TCP sequence numbers, and (3) TCP timestamps, a different vulnerability than CVE-2006-0414. NOTE: it could be argued that this is a laws-of-physics vulnerability that is a fundamental design limitation of certain hardware implementations, so perhaps this issue should not be included in CVE. | |||||
| CVE-2006-3411 | 1 Tor | 1 Tor | 2008-09-05 | 6.4 MEDIUM | N/A |
| TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote attackers to conduct brute force attacks on the encryption keys. | |||||
| CVE-2006-3416 | 1 Tor | 1 Tor | 2008-09-05 | 5.0 MEDIUM | N/A |
| ** DISPUTED ** Tor before 0.1.1.20 kills the circuit when it receives an unrecognized relay command, which causes network circuits to be disbanded. NOTE: while this item is listed under the "Security fixes" section of the developer changelog, the developer clarified on 20060707 that this is only a self-DoS. Therefore this issue should not be included in CVE. | |||||
| CVE-2006-3415 | 1 Tor | 1 Tor | 2008-09-05 | 6.4 MEDIUM | N/A |
| Tor before 0.1.1.20 uses improper logic to validate the "OR" destination, which allows remote attackers to perform a man-in-the-middle (MITM) attack via unspecified vectors. | |||||
| CVE-2006-3417 | 1 Tor | 1 Tor | 2008-09-05 | 6.4 MEDIUM | N/A |
| Tor client before 0.1.1.20 prefers entry points based on is_fast or is_stable flags, which could allow remote attackers to be preferred over nodes that are identified as more trustworthy "entry guard" (is_guard) systems by directory authorities. | |||||
| CVE-2006-3414 | 1 Tor | 1 Tor | 2008-09-05 | 5.0 MEDIUM | N/A |
| Tor before 0.1.1.20 supports server descriptors that contain hostnames instead of IP addresses, which allows remote attackers to arbitrarily group users by providing preferential address resolution. | |||||
| CVE-2006-3413 | 1 Tor | 1 Tor | 2008-09-05 | 5.0 MEDIUM | N/A |
| The privoxy configuration file in Tor before 0.1.1.20, when run on Apple OS X, logs all data via the "logfile", which allows attackers to obtain potentially sensitive information. | |||||
| CVE-2006-3412 | 1 Tor | 1 Tor | 2008-09-05 | 6.4 MEDIUM | N/A |
| Tor before 0.1.1.20 does not sufficiently obey certain firewall options, which allows remote attackers to bypass intended access restrictions for dirservers, direct connections, or proxy servers. | |||||
| CVE-2006-3418 | 1 Tor | 1 Tor | 2008-09-05 | 5.0 MEDIUM | N/A |
| Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications. | |||||
| CVE-2006-3419 | 1 Tor | 1 Tor | 2008-09-05 | 5.0 MEDIUM | N/A |
| Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_bytes) instead of cryptographically strong RAND_bytes, and seeds the entropy value at start-up with 160-bit chunks without reseeding, which makes it easier for attackers to conduct brute force guessing attacks. | |||||