CVE-2007-4099

Опубликовано: 30 июл. 2007

Источник: nvd

CVSS2: 5.8

EPSS Низкий

Описание

Tor before 0.1.2.15 can select a guard node beyond the first listed never-before-connected-to guard node, which allows remote attackers with control of certain guard nodes to obtain sensitive information and possibly leverage further attacks.

Ссылки

http://archives.seul.org/or/announce/Jul-2007/msg00000.html
Patch
http://osvdb.org/46971
http://secunia.com/advisories/26140
Patch
Vendor Advisory
http://www.securityfocus.com/bid/25035
Patch
http://www.vupen.com/english/advisories/2007/2634
http://archives.seul.org/or/announce/Jul-2007/msg00000.html
Patch
http://osvdb.org/46971
http://secunia.com/advisories/26140
Patch
Vendor Advisory
http://www.securityfocus.com/bid/25035
Patch
http://www.vupen.com/english/advisories/2007/2634

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tor:tor:0.1.0.10:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.11:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.12:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.13:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.14:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.0.18:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.1_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.2_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.3_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.4_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.5_alpha:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.20:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.1.23:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.2.1_alpha-cvs:*:*:*:*:*:*:*

cpe:2.3:a:tor:tor:0.1.2.14:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00768

Низкий

5.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2007-4099

ubuntu

около 18 лет назад

CVE-2007-4099

debian

около 18 лет назад

Tor before 0.1.2.15 can select a guard node beyond the first listed ne ...

GHSA-hvww-3pcr-wpmj

github

больше 3 лет назад

EPSS

Процентиль: 73%

0.00768

Низкий

5.8 Medium

CVSS2

Дефекты

NVD-CWE-Other