CVE-2010-0384
Severity Score
2.1
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging of the client IP address upon detection of erroneous client behavior, which might make it easier for local users to discover the identities of clients in opportunistic circumstances by reading log files.
Tor v0.2.2.x anterior a v0.2.2.7-alpha, cuando está funcionando como espejo de directorio, no previene el acceso a la dirección IP cliente al detectar un comportamiento erróneo del cliente, lo que podría facilitar a usuarios locales descubrir las identidades de los clientes en circunstancias favorables, leyendo sus ficheros de registro.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-01-25 CVE Reserved
- 2010-01-25 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| http://archives.seul.org/or/talk/Jan-2010/msg00162.html | Mailing List |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.2.2.1 Search vendor "Tor" for product "Tor" and version "0.2.2.1" | - |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.2.2.1 Search vendor "Tor" for product "Tor" and version "0.2.2.1" | alpha |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.2.2.2 Search vendor "Tor" for product "Tor" and version "0.2.2.2" | - |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.2.2.2 Search vendor "Tor" for product "Tor" and version "0.2.2.2" | alpha |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.2.2.3 Search vendor "Tor" for product "Tor" and version "0.2.2.3" | - |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.2.2.3 Search vendor "Tor" for product "Tor" and version "0.2.2.3" | alpha |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.2.2.4 Search vendor "Tor" for product "Tor" and version "0.2.2.4" | - |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.2.2.4 Search vendor "Tor" for product "Tor" and version "0.2.2.4" | alpha |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.2.2.5 Search vendor "Tor" for product "Tor" and version "0.2.2.5" | - |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.2.2.5 Search vendor "Tor" for product "Tor" and version "0.2.2.5" | alpha |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.2.2.6 Search vendor "Tor" for product "Tor" and version "0.2.2.6" | - |
Affected
| ||||||
| Tor Search vendor "Tor" | Tor Search vendor "Tor" for product "Tor" | 0.2.2.6 Search vendor "Tor" for product "Tor" and version "0.2.2.6" | alpha |
Affected
| ||||||