Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-0377

Опубликовано: 02 июл. 2017
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only considers the exit relay (not the exit relay's family), which might allow remote attackers to defeat intended anonymity properties by leveraging the existence of large families.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:torproject:tor:0.3.0.1:alpha:*:*:*:*:*:*
cpe:2.3:a:torproject:tor:0.3.0.2:alpha:*:*:*:*:*:*
cpe:2.3:a:torproject:tor:0.3.0.3:alpha:*:*:*:*:*:*
cpe:2.3:a:torproject:tor:0.3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor:0.3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor:0.3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor:0.3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor:0.3.0.8:*:*:*:*:*:*:*

EPSS

Процентиль: 64%
0.00476
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

ubuntu логотип

CVE-2017-0377

CVSS3: 7.5
ubuntu
больше 8 лет назад

Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only considers the exit relay (not the exit relay's family), which might allow remote attackers to defeat intended anonymity properties by leveraging the existence of large families.

debian логотип

CVE-2017-0377

CVSS3: 7.5
debian
больше 8 лет назад

Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only con ...

github логотип

GHSA-vxgf-qp88-w686

CVSS3: 7.5
github
больше 3 лет назад

Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only considers the exit relay (not the exit relay's family), which might allow remote attackers to defeat intended anonymity properties by leveraging the existence of large families.

EPSS

Процентиль: 64%
0.00476
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200