Page 6 of 27 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

The Hidden Service (HS) server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. La implementación del servidor Hidden Service (HS) en Tor versiones anteriores a 0.2.4.27, versiones 0.2.5.x anteriores a 0.2.5.12 y versiones 0.2.6.x anteriores a 0.2.6.7, permite a atacantes remotos causar una denegación de servicio (falla de aserción y salida del demonio ) por medio de vectores no especificados. • http://openwall.com/lists/oss-security/2015/04/06/5 https://trac.torproject.org/projects/tor/ticket/15600 •

CVSS: 5.8EPSS: 0%CPEs: 124EXPL: 0

Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit after an inbound RELAY_EARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAY_EARLY cells as a means of communicating information about hidden service names. Tor anterior a 0.2.4.23 y 0.2.5 anterior a 0.2.5.6-alpha mantiene un circuito después de que un cliente reciba una célula RELAY_EARLY entrante, lo que facilita a atacantes remotos realizar ataques de confirmación de trafico mediante el uso de la pauta de células RELAY y RELAY_EARLY como la manera de comunicar información a cerca de nombres escondidos de servicios. • http://secunia.com/advisories/60084 http://secunia.com/advisories/60647 https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack https://lists.torproject.org/pipermail/tor-announce/2014-July/000093.html https://lists.torproject.org/pipermail/tor-announce/2014-July/000094.html https://lists.torproject.org/pipermail/tor-talk/2014-July/034180.html https://trac.torproject.org/projects/tor/ticket/1038 •