CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-34548 – Tor Half-Closed Connection Stream Confusion
https://notcve.org/view.php?id=CVE-2021-34548
An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAY_END or RELAY_RESOLVED to bypass the intended access control for ending a stream. Se ha detectado un problema en Tor versiones anteriores a 0.4.6.5, también se conoce como TROVE-2021-003. Un atacante puede falsificar las funciones RELAY_END o RELAY_RESOLVED para omitir el control de acceso previsto para terminar un flujo Tor suffers from an issue where half-closed connection tracking ignores layer_hint and due to this, entry/middle relays can spoof RELAY_END cells on half-closed streams, which can lead to stream confusion between OP and exit. • http://packetstormsecurity.com/files/163510/Tor-Half-Closed-Connection-Stream-Confusion.html https://blog.torproject.org/node/2041 https://gitlab.torproject.org/tpo/core/tor/-/issues/40389 https://security.gentoo.org/glsa/202107-25 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-28090
https://notcve.org/view.php?id=CVE-2021-28090
Tor before 0.4.5.7 allows a remote attacker to cause Tor directory authorities to exit with an assertion failure, aka TROVE-2021-002. Tor versiones anteriores a 0.4.5.7, permite a un atacante remoto causar que autoridades del directorio de Tor salgan con un fallo de aserción, también se conoce como TROVE-2021-002 • https://blog.torproject.org/node/2009 https://bugs.torproject.org/tpo/core/tor/40316 https://gitlab.torproject.org/tpo/core/tor/-/issues/40316 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPDXB2GZHG3VNOTWSXQ3QZVHNV76WCU5 https://security.gentoo.org/glsa/202107-25 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-28089
https://notcve.org/view.php?id=CVE-2021-28089
Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001. Tor versiones anteriores a 0.4.5.7, permite a un participante remoto en el protocolo de directorio de Tor agotar los recursos de la CPU en un objetivo, también se conoce como TROVE-2021-001 • https://blog.torproject.org/node/2009 https://gitlab.torproject.org/tpo/core/tor/-/issues/40304 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPDXB2GZHG3VNOTWSXQ3QZVHNV76WCU5 https://security.gentoo.org/glsa/202107-25 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-15572
https://notcve.org/view.php?id=CVE-2020-15572
Tor before 0.4.3.6 has an out-of-bounds memory access that allows a remote denial-of-service (crash) attack against Tor instances built to use Mozilla Network Security Services (NSS), aka TROVE-2020-001. Tor versiones anteriores a 0.4.3.6, presenta un acceso de la memoria fuera de límites que permite un ataque de denegación de servicio remoto (bloqueo) contra instancias de Tor creadas para usar Mozilla Network Security Services (NSS), también se conoce como TROVE-2020-001 • https://blog.torproject.org/new-release-tor-03511-0428-0436-security-fixes https://gitlab.torproject.org/tpo/core/tor/-/issues/33119 https://trac.torproject.org/projects/tor/wiki/TROVE • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-10592
https://notcve.org/view.php?id=CVE-2020-10592
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (CPU consumption), aka TROVE-2020-002. Tor versiones anteriores a 0.3.5.10, versiones 0.4.x anteriores a 0.4.1.9 y versiones 0.4.2.x anteriores a 0.4.2.7, permite a atacantes remotos causar una Denegación de Servicio (consumo de CPU), también se conoce como TROVE-2020-002. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00045.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00052.html https://security.gentoo.org/glsa/202003-50 https://trac.torproject.org/projects/tor/ticket/33120 •