CVE-2006-3418

Опубликовано: 07 июл. 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tor:tor:0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre13:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre14:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre15:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre16:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre17:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre18:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre19:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre20:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre21:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre22:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre23:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre24:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre25:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre26:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.2_pre27:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.4:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.5:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.6:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.6.1:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.6.2:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.7:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.7.1:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.7.2:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.7.3:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.8:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.8.1:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.1:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.2:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.3:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.4:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.5:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.6:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.7:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.8:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.9:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.0.9.10:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.7:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.8:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.9:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.10:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.11:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.12:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.13:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.14:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.15:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.16:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.17:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.18:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.19:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.1_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.2_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.3_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.4_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.5_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.6_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.7_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.8_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.9_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.10_alpha:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00477

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2006-3418

ubuntu

около 19 лет назад

CVE-2006-3418

debian

около 19 лет назад

Tor before 0.1.1.20 does not validate that a server descriptor's finge ...

GHSA-xjm4-pmg6-w3h9

github

больше 3 лет назад

EPSS

Процентиль: 64%

0.00477

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other