Описание
Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001.
Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-28089
- https://blog.torproject.org/node/2009
- https://gitlab.torproject.org/tpo/core/tor/-/issues/40304
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPDXB2GZHG3VNOTWSXQ3QZVHNV76WCU5
- https://security.gentoo.org/glsa/202107-25
Связанные уязвимости
CVSS3: 7.5
ubuntu
почти 5 лет назад
Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001.
CVSS3: 7.5
nvd
почти 5 лет назад
Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001.
CVSS3: 7.5
debian
почти 5 лет назад
Tor before 0.4.5.7 allows a remote participant in the Tor directory pr ...
CVSS3: 7.5
fstec
почти 5 лет назад
Уязвимость функции dump_desc() браузера Tor, позволяющая нарушителю вызвать отказ в обслуживании
