Page 13 of 92 results (0.013 seconds)

CVSS: 10.0EPSS: 0%CPEs: 30EXPL: 0

Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack vectors related to "Spec conformance," as demonstrated using 192.168.0. Tor anterior a v0.2.0.34 trata direcciones IPv4 incompletas como validas, lo que tiene un impacto desconocido y vectores de ataque relacionados con "Spec conformance," como se ha demostrado utilizando 192.168.0. • http://archives.seul.org/or/announce/Feb-2009/msg00000.html http://secunia.com/advisories/33880 http://secunia.com/advisories/34583 http://security.gentoo.org/glsa/glsa-200904-11.xml http://www.securityfocus.com/bid/33713 •

CVSS: 5.0EPSS: 0%CPEs: 30EXPL: 0

Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en Tor anterior a v0.2.0.34 permite replicaciones de directorio que provocan una denegación de servicio a través de vectores desconocidos. • http://archives.seul.org/or/announce/Feb-2009/msg00000.html http://secunia.com/advisories/33880 http://secunia.com/advisories/34583 http://security.gentoo.org/glsa/glsa-200904-11.xml http://www.securityfocus.com/bid/33713 •

CVSS: 5.0EPSS: 0%CPEs: 30EXPL: 0

Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to cause a denial of service (infinite loop) via "corrupt votes." Vulnerabilidad no especificada en Tor anterior a v0.2.0.34 permite a atacantes provocar una denegación de servicio (bucle infinito) a través de "votos corruptos". • http://archives.seul.org/or/announce/Feb-2009/msg00000.html http://secunia.com/advisories/33880 http://secunia.com/advisories/34583 http://security.gentoo.org/glsa/glsa-200904-11.xml http://www.securityfocus.com/bid/33713 •

CVSS: 5.1EPSS: 0%CPEs: 33EXPL: 1

Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors involving (1) replaying, (2) modifying, (3) inserting, or (4) deleting a single cell, and then observing cell recognition errors at the exit router. NOTE: the vendor disputes the significance of this issue, noting that the product's design "accepted end-to-end correlation as an attack that is too expensive to solve." Tor v0.2.0.28, y posiblemente v0.2.0.34 y anteriores, permite a atacantes remotos, con el control de un enrutador de salida y otro de entrada, confirmar que un receptor y un remitente estan comunicandose a traves de los vectores (1) replaying, (2) modifying, (3) inserting, or (4) deleting a single cell, y despues observar los errores de reconocimiento de celula en el enrutador de salida. NOTA: El vendedor no esta de acuerda con la importancia de este hecho. • http://blog.torproject.org/blog/one-cell-enough http://www.blackhat.com/html/bh-dc-09/bh-dc-09-archives.html#Fu http://www.blackhat.com/presentations/bh-dc-09/Fu/BlackHat-DC-09-Fu-Break-Tors-Anonymity.pdf •

CVSS: 10.0EPSS: 1%CPEs: 160EXPL: 1

Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors that trigger heap corruption. Vulnerabilidad sin especificar en Tor anterior a v0.2.0.33 tiene un impacto y vectores de ataque desconocidos que lanzan una corrupción de montículo (heap). • http://archives.seul.org/or/announce/Jan-2009/msg00000.html http://blog.torproject.org/blog/tor-0.2.0.33-stable-released http://secunia.com/advisories/33635 http://secunia.com/advisories/33677 http://secunia.com/advisories/34583 http://security.gentoo.org/glsa/glsa-200904-11.xml http://www.securityfocus.com/bid/33399 http://www.securitytracker.com/id?1021633 http://www.vupen.com/english/advisories/2009/0210 https://www.redhat.com/archives/fedora-package-announce/2009-Janu • CWE-399: Resource Management Errors •