CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0CVE-2017-8823
https://notcve.org/view.php?id=CVE-2017-8823
03 Dec 2017 — In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged in certain error cases, aka TROVE-2017-013. En Tor, en versiones anteriores a la 0.2.5.16; de la versión 0.2.6 hasta la 0.2.8 anterior a la 0.2.8.17: versiones 0.2.9 anteriores a la 0.2.9.14; versiones 0.3.0 anteriores a la 0.3.0.13 y versiones 0.3.1 anteriores a... • https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516 • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2017-8822
https://notcve.org/view.php?id=CVE-2017-8822
03 Dec 2017 — In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity, aka TROVE-2017-012. En Tor, en versiones anteriores a la 0.2.5.16; de la versión 0.2.6 hasta la 0.2.8 anterior a la 0.2.8.17; versiones 0.2.9 anteriores a la 0.2.9.14; versiones 0.3.0 anteriores a la 0.3.0.13 y versiones 0.3.1 anteriores a la 0.3... • https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516 • CWE-417: Communication Channel Errors •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2017-8820
https://notcve.org/view.php?id=CVE-2017-8820
03 Dec 2017 — In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service (NULL pointer dereference and application crash) against directory authorities via a malformed descriptor, aka TROVE-2017-010. En Tor, en versiones anteriores a la 0.2.5.16; de la versión 0.2.6 hasta la 0.2.8 anterior a la 0.2.8.17, versiones 0.2.9 anteriores a la 0.2.9.14; versiones 0.3.0 anteriores a la 0.3.0.13 y versiones 0.3.... • https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 18EXPL: 3CVE-2017-16541 – Mozilla: Proxy bypass using automount and autofs
https://notcve.org/view.php?id=CVE-2017-16541
04 Nov 2017 — Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected. El navegador Tor en versiones anteriores a la 7.0.9 en macOS y Linux permite que atacantes remotos sin omitan las características de anonimato previstas y descubran una dirección IP de cliente mediante vectores que impliquen un sitio web mani... • https://packetstorm.news/files/id/149298 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 31EXPL: 0CVE-2017-0380 – Debian Security Advisory 3993-1
https://notcve.org/view.php?id=CVE-2017-0380
18 Sep 2017 — The rend_service_intro_established function in or/rendservice.c in Tor before 0.2.8.15, 0.2.9.x before 0.2.9.12, 0.3.0.x before 0.3.0.11, 0.3.1.x before 0.3.1.7, and 0.3.2.x before 0.3.2.1-alpha, when SafeLogging is disabled, allows attackers to obtain sensitive information by leveraging access to the log files of a hidden service, because uninitialized stack data is included in an error message about construction of an introduction point circuit. La función rend_service_intro_established en or/rendservice.... • http://www.debian.org/security/2017/dsa-3993 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11565
https://notcve.org/view.php?id=CVE-2017-11565
23 Jul 2017 — debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was designed to execute aa-exec from the standard system pathname if the apparmor package is installed, but implements this incorrectly (with a wrong assumption that the specific pathname would remain the same forever), which allows attackers to bypass intended AppArmor restrictions by leveraging the silent loss of this protection mechanism. NOTE: this does not affect systems, such as default Debian stretch installations, on which Tor start... • http://www.securityfocus.com/bid/99933 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-0377
https://notcve.org/view.php?id=CVE-2017-0377
02 Jul 2017 — Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only considers the exit relay (not the exit relay's family), which might allow remote attackers to defeat intended anonymity properties by leveraging the existence of large families. Las versiones 0.3.x de Tor anteriores a la 0.3.0.9 cuentan con un algoritmo de selección de restricciones que solo considera el exit relay (no la familia del exit relay), lo que podría permitir que atacantes remotos superen las propiedades de anonimato planeadas apro... • https://blog.torproject.org/blog/tor-0309-released-security-update-clients • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0375
https://notcve.org/view.php?id=CVE-2017-0375
09 Jun 2017 — The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell. La función de servicio oculto en Tor antes de la versión 0.3.0.8 permite una denegación de servicio (fallo de aserción y salida de demonio) en la función relay_send_end_cell_from_edge_ a través de una llamada BEGIN con formato incorrecto. • http://www.securityfocus.com/bid/99017 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-0376 – Debian Security Advisory 3877-1
https://notcve.org/view.php?id=CVE-2017-0376
09 Jun 2017 — The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the connection_edge_process_relay_cell function via a BEGIN_DIR cell on a rendezvous circuit. La función de servicio oculto en Tor antes de la versión 0.3.0.8 permite una denegación de servicio (fallo de aserción y salida de demonio) en la función connection_edge_process_relay_cell a través de una célula BEGIN_DIR en un circuito de rendezvous It has been discovered that Tor, a connection-based ... • http://www.debian.org/security/2017/dsa-3877 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 2%CPEs: 5EXPL: 0CVE-2016-8860 – Gentoo Linux Security Advisory 201612-45
https://notcve.org/view.php?id=CVE-2016-8860
24 Dec 2016 — Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present, which allows remote attackers to cause a denial of service (client, hidden service, relay, or authority crash) via crafted data. Tor en versiones anteriores a 0.2.8.9 y 0.2.9.x en versiones anteriores a 0.2.9.4-alpha tenía funciones internas autorizadas a esperar que buf_t data tení... • http://openwall.com/lists/oss-security/2016/10/19/11 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •