CVE-2007-4174
Tor 0.1.2.15 - ControlPort Missing Authentication Unauthorized Access
Severity Score
5.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote attackers to modify the torrc configuration file, compromise anonymity, and have other unspecified impact via HTTP POST data containing commands without valid authentication, as demonstrated by an HTML form (1) hosted on a web site or (2) injected by a Tor exit node.
Tor versiones anteriores a 0.1.2.16, cuando ControlPort está habilitado, no restringe apropiadamente los comandos al puerto localhost 9051, lo que permite a atacantes remotos modificar el archivo de configuración de torrc, comprometer el anonimato y presentar otro impacto no especificado por medio de datos POST HTTP que contienen comandos sin autenticación válida, como es demostrado por un formulario HTML (1) alojado en un sitio web o (2) inyectado por un nodo de salida Tor.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-08-02 First Exploit
- 2007-08-07 CVE Reserved
- 2007-08-07 CVE Published
- 2024-07-18 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://archives.seul.org/or/announce/Aug-2007/msg00000.html | Mailing List | |
| http://archives.seul.org/or/announce/Sep-2007/msg00000.html | Mailing List | |
| http://osvdb.org/36271 | Vdb Entry | |
| http://www.securityfocus.com/bid/25188 | Vdb Entry | |
| http://www.securitytracker.com/id?1018510 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35784 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/36407 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/30447 | 2007-08-02 | |
| https://www.exploit-db.com/exploits/4468 | 2007-09-29 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/26301 | 2017-07-29 | |
| http://www.vupen.com/english/advisories/2007/2768 | 2017-07-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | <= 0.1.2.15 Search vendor "Tor" for product "Tor" and version " <= 0.1.2.15" | - |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.1.2.1 Search vendor "Tor" for product "Tor" and version "0.1.2.1" | alpha |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.1.2.2 Search vendor "Tor" for product "Tor" and version "0.1.2.2" | - |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.1.2.3 Search vendor "Tor" for product "Tor" and version "0.1.2.3" | alpha |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.1.2.4 Search vendor "Tor" for product "Tor" and version "0.1.2.4" | - |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.1.2.5 Search vendor "Tor" for product "Tor" and version "0.1.2.5" | - |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.1.2.5 Search vendor "Tor" for product "Tor" and version "0.1.2.5" | alpha |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.1.2.6 Search vendor "Tor" for product "Tor" and version "0.1.2.6" | alpha |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.1.2.7 Search vendor "Tor" for product "Tor" and version "0.1.2.7" | alpha |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.1.2.8 Search vendor "Tor" for product "Tor" and version "0.1.2.8" | beta |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.1.2.9 Search vendor "Tor" for product "Tor" and version "0.1.2.9" | - |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.1.2.10 Search vendor "Tor" for product "Tor" and version "0.1.2.10" | - |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.1.2.11 Search vendor "Tor" for product "Tor" and version "0.1.2.11" | - |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.1.2.12 Search vendor "Tor" for product "Tor" and version "0.1.2.12" | - |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.1.2.13 Search vendor "Tor" for product "Tor" and version "0.1.2.13" | - |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.1.2.14 Search vendor "Tor" for product "Tor" and version "0.1.2.14" | - |
Affected
| ||||||