Описание
The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 0.2.3.22-rc-1 |
| esm-apps/xenial | released | 0.2.3.22-rc-1 |
| esm-infra-legacy/trusty | released | 0.2.3.22-rc-1 |
| hardy | ignored | end of life |
| lucid | DNE | |
| natty | ignored | end of life |
| oneiric | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | released | 0.2.3.22-rc-1 |
Показывать по
5 Medium
CVSS2
Связанные уязвимости
The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document.
The networkstatus_parse_vote_from_string function in routerparse.c in ...
The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document.
5 Medium
CVSS2