CVSS: 5.0EPSS: 0%CPEs: 27EXPL: 0CVE-2005-2643
https://notcve.org/view.php?id=CVE-2005-2643
Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and earlier, does not reject certain weak keys when using ephemeral Diffie-Hellman (DH) handshakes, which allows malicious Tor servers to obtain the keys that a client uses for other systems in the circuit. • http://archives.seul.org/or/announce/Aug-2005/msg00002.html http://marc.info/?l=bugtraq&m=112448002732443&w=2 http://secunia.com/advisories/16424 http://securitytracker.com/id?1014739 •
CVSS: 5.0EPSS: 3%CPEs: 10EXPL: 0CVE-2005-2050
https://notcve.org/view.php?id=CVE-2005-2050
Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers to read arbitrary memory and possibly key information from the exit server's process space. • http://archives.seul.org/or/announce/Jun-2005/msg00001.html http://bugs.gentoo.org/show_bug.cgi?id=96320 http://secunia.com/advisories/15764 http://www.gentoo.org/security/en/glsa/glsa-200506-18.xml https://exchange.xforce.ibmcloud.com/vulnerabilities/21093 •