Page 6 of 80 results (0.001 seconds)

CVSS: 7.5EPSS: 1%CPEs: 207EXPL: 0

CVE-2011-0493

https://notcve.org/view.php?id=CVE-2011-0493

19 Jan 2011 — Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow remote attackers to cause a denial of service (assertion failure and daemon exit) via vectors related to malformed router caches and improper handling of integer values. Tor antes de v0.2.1.29 y v0.2.2.x antes de v0.2.2.21-alfa podría permitir a atacantes remotos provocar una denegación de servicio (error de aserción y salida del demonio) a través de vectores relacionados con caches de Router mal formados y el tratamiento inadecuado de valore... • http://archives.seul.org/or/announce/Jan-2011/msg00000.html • CWE-189: Numeric Errors •

CVSS: 10.0EPSS: 10%CPEs: 145EXPL: 0

CVE-2010-1676

https://notcve.org/view.php?id=CVE-2010-1676

22 Dec 2010 — Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before 0.2.2.20-alpha allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors. Desbordamiento de Desbordamiento de búfer basado en montículo en Tor before v0.2.1.28 y v0.2.2.x anterior v0.2.2.20-alpha permite a atacantes remotos causar una denegación de servicio (caída de demonio) o probablemente ejecutar código arbitrario de su elección a través de vectores no especificados. • http://archives.seul.org/or/announce/Dec-2010/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.9EPSS: 0%CPEs: 127EXPL: 0

CVE-2010-0383

https://notcve.org/view.php?id=CVE-2010-0383

25 Jan 2010 — Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated identity keys for certain directory authorities, which makes it easier for man-in-the-middle attackers to compromise the anonymity of traffic sources and destinations. Tor anteriores a v0.2.1.22, y v0.2.2.x anteriores a v0.2.2.7-alpha, utiliza claves de identidad obsoleto para determinadas autoridades de directorio , lo que facilita ataques "man-in-the-middle" para comprometer el anonimato de las fuentes y de los destinos del tráfico. • http://archives.seul.org/or/announce/Jan-2010/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 127EXPL: 0

CVE-2010-0385

https://notcve.org/view.php?id=CVE-2010-0385

25 Jan 2010 — Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functioning as a bridge directory authority, allows remote attackers to obtain sensitive information about bridge identities and bridge descriptors via a dbg-stability.txt directory query. Tor anterior a v0.2.1.22, y 0.2.2.x anteriores a v0.2.2.7-alpha, cuando funciona como autoridad de directorio puente, permite a atacantes remotos obtener información sensible acerca de las identidades y descriptores puente a través de una consulta al directorio d... • http://archives.seul.org/or/announce/Jan-2010/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0

CVE-2009-0936

https://notcve.org/view.php?id=CVE-2009-0936

18 Mar 2009 — Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to cause a denial of service (infinite loop) via "corrupt votes." Vulnerabilidad no especificada en Tor anterior a v0.2.0.34 permite a atacantes provocar una denegación de servicio (bucle infinito) a través de "votos corruptos". • http://archives.seul.org/or/announce/Feb-2009/msg00000.html •

CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0

CVE-2009-0937

https://notcve.org/view.php?id=CVE-2009-0937

18 Mar 2009 — Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en Tor anterior a v0.2.0.34 permite replicaciones de directorio que provocan una denegación de servicio a través de vectores desconocidos. • http://archives.seul.org/or/announce/Feb-2009/msg00000.html •

CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0

CVE-2009-0938

https://notcve.org/view.php?id=CVE-2009-0938

18 Mar 2009 — Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service (exit node crash) via "malformed input." Vulnerabilidad no especificada en Tor anterior a v0.2.0.34 permite replicaciones de directorios que provocan una denegación de servicio (caída de nodo de salida) a través "entrada malformada". • http://archives.seul.org/or/announce/Feb-2009/msg00000.html •

CVSS: 10.0EPSS: 0%CPEs: 30EXPL: 0

CVE-2009-0939

https://notcve.org/view.php?id=CVE-2009-0939

18 Mar 2009 — Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack vectors related to "Spec conformance," as demonstrated using 192.168.0. Tor anterior a v0.2.0.34 trata direcciones IPv4 incompletas como validas, lo que tiene un impacto desconocido y vectores de ataque relacionados con "Spec conformance," como se ha demostrado utilizando 192.168.0. • http://archives.seul.org/or/announce/Feb-2009/msg00000.html •

CVSS: 7.5EPSS: 0%CPEs: 33EXPL: 1

CVE-2009-0654

https://notcve.org/view.php?id=CVE-2009-0654

20 Feb 2009 — Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors involving (1) replaying, (2) modifying, (3) inserting, or (4) deleting a single cell, and then observing cell recognition errors at the exit router. NOTE: the vendor disputes the significance of this issue, noting that the product's design "accepted end-to-end correlation as an attack that is too expensive to solve."... • http://blog.torproject.org/blog/one-cell-enough •

CVSS: 10.0EPSS: 1%CPEs: 160EXPL: 1

CVE-2009-0414

https://notcve.org/view.php?id=CVE-2009-0414

03 Feb 2009 — Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors that trigger heap corruption. Vulnerabilidad sin especificar en Tor anterior a v0.2.0.33 tiene un impacto y vectores de ataque desconocidos que lanzan una corrupción de montículo (heap). • http://archives.seul.org/or/announce/Jan-2009/msg00000.html • CWE-399: Resource Management Errors •