CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 4CVE-2017-16639 – Tor Browser SMB Deanonymization / Information Disclosure
https://notcve.org/view.php?id=CVE-2017-16639
13 Sep 2018 — Tor Browser on Windows before 8.0 allows remote attackers to bypass the intended anonymity feature and discover a client IP address, a different vulnerability than CVE-2017-16541. User interaction is required to trigger this vulnerability. Tor Browser en Windows en versiones anteriores a la 8.0 permite que atacantes remotos omitan la característica de anonimato planeada y descubrir una dirección IP de cliente. Esta vulnerabilidad es diferente de CVE-2017-16541. Se requiere interacción del usuario para explo... • https://packetstorm.news/files/id/149351 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 18EXPL: 0CVE-2018-0490 – Debian Security Advisory 4183-1
https://notcve.org/view.php?id=CVE-2018-0490
05 Mar 2018 — An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10. The directory-authority protocol-list subprotocol implementation allows remote attackers to cause a denial of service (NULL pointer dereference and directory-authority crash) via a misformatted relay descriptor that is mishandled during voting. Se ha descubierto un problema en Tor en versiones anteriores a la 0.2.9.15, versiones 0.3.1.x anteriores a la 0.3.1.10 y versiones 0.3.2.x anteriores a la 0.3.2.10. ... • https://blog.torproject.org/new-stable-tor-releases-security-fixes-and-dos-prevention-03210-03110-02915 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 10%CPEs: 1EXPL: 2CVE-2018-0491 – Tor Browser < 0.3.2.10 - Use After Free (PoC)
https://notcve.org/view.php?id=CVE-2018-0491
05 Mar 2018 — A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. It allows remote attackers to cause a denial of service (relay crash) because the KIST implementation allows a channel to be added more than once in the pending list. Se ha descubierto un problema de uso de memoria previamente liberada en Tor, en versiones 0.3.2.x anteriores a la 0.3.2.10. Permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado del relevo) debido a que la implementación KIST permite que un ca... • https://packetstorm.news/files/id/148454 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 3%CPEs: 8EXPL: 0CVE-2016-1254
https://notcve.org/view.php?id=CVE-2016-1254
05 Dec 2017 — Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor. Tor, en versiones anteriores a la 0.2.8.12 podría permitir que los atacantes remotos provoquen una denegación de servicio (cierre inesperado del cliente) mediante un descriptor de servicio oculto manipulado. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00154.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 2%CPEs: 18EXPL: 3CVE-2017-16541 – Mozilla: Proxy bypass using automount and autofs
https://notcve.org/view.php?id=CVE-2017-16541
04 Nov 2017 — Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected. El navegador Tor en versiones anteriores a la 7.0.9 en macOS y Linux permite que atacantes remotos sin omitan las características de anonimato previstas y descubran una dirección IP de cliente mediante vectores que impliquen un sitio web mani... • https://packetstorm.news/files/id/149298 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 31EXPL: 0CVE-2017-0380 – Debian Security Advisory 3993-1
https://notcve.org/view.php?id=CVE-2017-0380
18 Sep 2017 — The rend_service_intro_established function in or/rendservice.c in Tor before 0.2.8.15, 0.2.9.x before 0.2.9.12, 0.3.0.x before 0.3.0.11, 0.3.1.x before 0.3.1.7, and 0.3.2.x before 0.3.2.1-alpha, when SafeLogging is disabled, allows attackers to obtain sensitive information by leveraging access to the log files of a hidden service, because uninitialized stack data is included in an error message about construction of an introduction point circuit. La función rend_service_intro_established en or/rendservice.... • http://www.debian.org/security/2017/dsa-3993 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-0377
https://notcve.org/view.php?id=CVE-2017-0377
02 Jul 2017 — Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only considers the exit relay (not the exit relay's family), which might allow remote attackers to defeat intended anonymity properties by leveraging the existence of large families. Las versiones 0.3.x de Tor anteriores a la 0.3.0.9 cuentan con un algoritmo de selección de restricciones que solo considera el exit relay (no la familia del exit relay), lo que podría permitir que atacantes remotos superen las propiedades de anonimato planeadas apro... • https://blog.torproject.org/blog/tor-0309-released-security-update-clients • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2017-0375
https://notcve.org/view.php?id=CVE-2017-0375
09 Jun 2017 — The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell. La función de servicio oculto en Tor antes de la versión 0.3.0.8 permite una denegación de servicio (fallo de aserción y salida de demonio) en la función relay_send_end_cell_from_edge_ a través de una llamada BEGIN con formato incorrecto. • http://www.securityfocus.com/bid/99017 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-0376 – Debian Security Advisory 3877-1
https://notcve.org/view.php?id=CVE-2017-0376
09 Jun 2017 — The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the connection_edge_process_relay_cell function via a BEGIN_DIR cell on a rendezvous circuit. La función de servicio oculto en Tor antes de la versión 0.3.0.8 permite una denegación de servicio (fallo de aserción y salida de demonio) en la función connection_edge_process_relay_cell a través de una célula BEGIN_DIR en un circuito de rendezvous It has been discovered that Tor, a connection-based ... • http://www.debian.org/security/2017/dsa-3877 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 2%CPEs: 5EXPL: 0CVE-2016-8860 – Gentoo Linux Security Advisory 201612-45
https://notcve.org/view.php?id=CVE-2016-8860
24 Dec 2016 — Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present, which allows remote attackers to cause a denial of service (client, hidden service, relay, or authority crash) via crafted data. Tor en versiones anteriores a 0.2.8.9 y 0.2.9.x en versiones anteriores a 0.2.9.4-alpha tenía funciones internas autorizadas a esperar que buf_t data tení... • http://openwall.com/lists/oss-security/2016/10/19/11 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •