Описание
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to trigger this issue.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 0.3.0.13-0ubuntu1~17.10.2 |
| bionic | not-affected | 0.3.1.9-1 |
| cosmic | not-affected | 0.3.1.9-1 |
| devel | not-affected | 0.3.1.9-1 |
| esm-apps/bionic | not-affected | 0.3.1.9-1 |
| esm-apps/xenial | released | 0.2.9.14-1ubuntu1~16.04.2 |
| esm-infra-legacy/trusty | released | 0.2.4.27-1ubuntu0.1 |
| precise/esm | DNE | |
| trusty | released | 0.2.4.27-1ubuntu0.1 |
| trusty/esm | released | 0.2.4.27-1ubuntu0.1 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to trigger this issue.
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 bef ...
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to trigger this issue.
EPSS
5 Medium
CVSS2
7.5 High
CVSS3