CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-2689
https://notcve.org/view.php?id=CVE-2015-2689
Tor before 0.2.4.26 and 0.2.5.x before 0.2.5.11 does not properly handle pending-connection resolve states during periods of high DNS load, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via crafted packets. Tor versiones anteriores a 0.2.4.26 y versiones 0.2.5.x anteriores a 0.2.5.11, no maneja apropiadamente los estados de resolución de conexión pendiente durante los períodos de alta carga DNS, lo que permite a atacantes remotos causar una denegación de servicio (falla de aserción y salida del demonio) por medio de paquetes. • https://lists.torproject.org/pipermail/tor-talk/2015-March/037281.html https://trac.torproject.org/projects/tor/ticket/14129 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 19EXPL: 0CVE-2019-8955
https://notcve.org/view.php?id=CVE-2019-8955
In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before 0.3.5.8, and 0.4.x before 0.4.0.2-alpha, remote denial of service against Tor clients and relays can occur via memory exhaustion in the KIST cell scheduler. En Tor, en versiones anteriores a la 0.3.3.12, en las 0.3.4.x anteriores a la 0.3.4.11, en las 0.3.5.x anteriores a la 0.3.5.8 y en las 0.4.x anteriores a la 0.4.0.2-alpha, puede ocurrir una denegación de servicio (DoS) remota contra los clientes Tor, además de reproducciones mediante el agotamiento de memoria en el programador "KIST cell". • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00013.html http://www.securityfocus.com/bid/107136 https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312 https://trac.torproject.org/projects/tor/ticket/29168 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2018-0490
https://notcve.org/view.php?id=CVE-2018-0490
An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10. The directory-authority protocol-list subprotocol implementation allows remote attackers to cause a denial of service (NULL pointer dereference and directory-authority crash) via a misformatted relay descriptor that is mishandled during voting. Se ha descubierto un problema en Tor en versiones anteriores a la 0.2.9.15, versiones 0.3.1.x anteriores a la 0.3.1.10 y versiones 0.3.2.x anteriores a la 0.3.2.10. La implementación del subprotocolo directory-authority protocol-list permite que atacantes remotos provoquen una denegación de servicio (desreferencia de puntero NULL y cierre inesperado de directory-authority) mediante un descriptor de relevo con formato erróneo que se gestiona de manera incorrecta durante la votación. • https://blog.torproject.org/new-stable-tor-releases-security-fixes-and-dos-prevention-03210-03110-02915 https://trac.torproject.org/projects/tor/ticket/25074 https://www.debian.org/security/2018/dsa-4183 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 1CVE-2018-0491 – Tor Browser < 0.3.2.10 - Use After Free (PoC)
https://notcve.org/view.php?id=CVE-2018-0491
A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. It allows remote attackers to cause a denial of service (relay crash) because the KIST implementation allows a channel to be added more than once in the pending list. Se ha descubierto un problema de uso de memoria previamente liberada en Tor, en versiones 0.3.2.x anteriores a la 0.3.2.10. Permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado del relevo) debido a que la implementación KIST permite que un canal se añada más de una vez en la lista de pendientes. Tor Browser versions 0.3.2.x before 0.3.2.10 suffer from a use-after-free vulnerability that can result in a denial of service condition. • https://www.exploit-db.com/exploits/44994 https://blog.torproject.org/new-stable-tor-releases-security-fixes-and-dos-prevention-03210-03110-02915 https://trac.torproject.org/projects/tor/ticket/24700 https://trac.torproject.org/projects/tor/ticket/25117 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 4%CPEs: 8EXPL: 0CVE-2016-1254
https://notcve.org/view.php?id=CVE-2016-1254
Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor. Tor, en versiones anteriores a la 0.2.8.12 podría permitir que los atacantes remotos provoquen una denegación de servicio (cierre inesperado del cliente) mediante un descriptor de servicio oculto manipulado. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00154.html http://lists.opensuse.org/opensuse-updates/2016-12/msg00155.html https://blog.torproject.org/blog/tor-02812-released https://gitweb.torproject.org/tor.git/commit/?id=d978216dea6b21ac38230a59d172139185a68dbd https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FXOJSMCTIOHLBRYFBVEL3CDLGPZXX6WE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTU2R253477RZLYAJAR5DAXAON7KIVLA https://trac. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •