NotCVE - vendor:"Tor" product:"Tor" version:"0.1.0.2"

Page 7 of 82 results (0.004 seconds)

CVSS: 10.0EPSS: 1%CPEs: 160EXPL: 1

CVE-2009-0414

https://notcve.org/view.php?id=CVE-2009-0414

03 Feb 2009 — Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors that trigger heap corruption. Vulnerabilidad sin especificar en Tor anterior a v0.2.0.33 tiene un impacto y vectores de ataque desconocidos que lanzan una corrupción de montículo (heap). • http://archives.seul.org/or/announce/Jan-2009/msg00000.html • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 0%CPEs: 100EXPL: 0

CVE-2008-5397

https://notcve.org/view.php?id=CVE-2008-5397

09 Dec 2008 — Tor before 0.2.0.32 does not properly process the (1) User and (2) Group configuration options, which might allow local users to gain privileges by leveraging unintended supplementary group memberships of the Tor process. Tor anterior a v0.2.32 no procesa adecuadamente la configuración de las opciones de (1)usuario (User) y (2) Grupo (group), lo que permitiría a usuarios locales obtener privilegios aprovechando la pertenencia a grupos creados por defecto en los procesos de Tor. • http://blog.torproject.org/blog/tor-0.2.0.32-released • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 0%CPEs: 100EXPL: 0

CVE-2008-5398

https://notcve.org/view.php?id=CVE-2008-5398

09 Dec 2008 — Tor before 0.2.0.32 does not properly process the ClientDNSRejectInternalAddresses configuration option in situations where an exit relay issues a policy-based refusal of a stream, which allows remote exit relays to have an unknown impact by mapping an internal IP address to the destination hostname of a refused stream. Tor anterior a v0.2.0.32 no procesa adecuadamente la opción de configuración ClientDNSRejectInternalAddresses en situaciones donde una cuestión en la salida de transmisión de una política qu... • http://blog.torproject.org/blog/tor-0.2.0.32-released • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.8EPSS: 16%CPEs: 16EXPL: 2

CVE-2007-4174 – Tor 0.1.2.15 - ControlPort Missing Authentication Unauthorized Access

https://notcve.org/view.php?id=CVE-2007-4174

07 Aug 2007 — Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote attackers to modify the torrc configuration file, compromise anonymity, and have other unspecified impact via HTTP POST data containing commands without valid authentication, as demonstrated by an HTML form (1) hosted on a web site or (2) injected by a Tor exit node. Tor versiones anteriores a 0.1.2.16, cuando ControlPort está habilitado, no restringe apropiadamente los comandos ... • https://www.exploit-db.com/exploits/30447 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.1EPSS: 0%CPEs: 24EXPL: 0

CVE-2007-3165

https://notcve.org/view.php?id=CVE-2007-3165

11 Jun 2007 — Tor before 0.1.2.14 can construct circuits in which an entry guard is in the same family as the exit node, which might compromise the anonymity of traffic sources and destinations by exposing traffic to inappropriate remote observers. Tor anterior a 0.1.2.14 puede construir circuitos en los cuales un protector de entrada está en la misma familia que el nodo de la salida, lo cual puede comprometer el anonimato de las fuentes y de los destinatarios del tráfico exponiendo tráfico a los observadores remotos ina... • http://archives.seul.org/or/announce/May-2007/msg00000.html •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2007-1103

https://notcve.org/view.php?id=CVE-2007-1103

26 Feb 2007 — Tor does not verify a node's uptime and bandwidth advertisements, which allows remote attackers who operate a low resource node to make false claims of greater resources, which places the node into use for many circuits and compromises the anonymity of traffic sources and destinations. Tor no verifica el tiempo de funcionamiento y los anuncios de ancho de banda, lo cual permite a atacantes remotos que operan un nodo con bajos recursos afirmar que poseen recursos mayores, lo cual pone el nodo en uso para muc... • http://archives.seul.org/or/talk/Feb-2007/msg00197.html •

CVSS: 7.5EPSS: 1%CPEs: 40EXPL: 0

CVE-2006-4508

https://notcve.org/view.php?id=CVE-2006-4508

31 Aug 2006 — Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and 0.1.1.x before 0.1.1.23, and (2) ScatterChat before 1.0.2, allows remote attackers operating a Tor entry node to route arbitrary Tor traffic through clients or cause a denial of service (flood) via unspecified vectors. Vulnerabilidad no especificada en (1) Tor 0.1.0.x anteriores a 0.1.0.18 y 0.1.1.x anteriores a 0.1.1.23, y (2) ScatterChat anterior a 1.0.2, permite a atacantes remotos operando un "nodo de entrada" en la red Tor encaminar tráfi... • http://archives.seul.org/or/announce/Aug-2006/msg00001.html •

CVSS: 9.1EPSS: 0%CPEs: 68EXPL: 0

CVE-2006-3407

https://notcve.org/view.php?id=CVE-2006-3407

07 Jul 2006 — Tor before 0.1.1.20 allows remote attackers to spoof log entries or possibly execute shell code via strings with non-printable characters. Tor versiones anteriores a la 0.1.1.20 permite a atacantes remotos falsificar entradas de log o posiblemente ejecutar código por consola a través de cadenas de caracteres no imprimibles. • http://secunia.com/advisories/20277 •

CVSS: 7.5EPSS: 1%CPEs: 68EXPL: 0

CVE-2006-3408

https://notcve.org/view.php?id=CVE-2006-3408

07 Jul 2006 — Unspecified vulnerability in the directory server (dirserver) in Tor before 0.1.1.20 allows remote attackers to cause an unspecified denial of service via unknown vectors. Vulnerabilidad sin especificar en el servidor de directorios (dirserver) en Tor antes de 0.1.1.20 permite a atacantes remotos provocar una denegación de servicio no especificada a través de vectores desconocidos. • http://secunia.com/advisories/20277 •

CVSS: 9.8EPSS: 5%CPEs: 68EXPL: 0

CVE-2006-3409

https://notcve.org/view.php?id=CVE-2006-3409

07 Jul 2006 — Integer overflow in Tor before 0.1.1.20 allows remote attackers to execute arbitrary code via crafted large inputs, which result in a buffer overflow when elements are added to smartlists. Desbordamiento de entero en Tor versiones anteriores a la 0.1.1.20, permite a atacantes remotos ejecutar código de su elección a través de entradas largas manipuladas, lo cual provoca un desbordamiento de búfer cuando se añaden elementos a las smartlists • http://secunia.com/advisories/20277 •

1...5 6 7 8 9