Required CVE Record Information
Description
Tor before 0.1.1.20 allows remote attackers to identify hidden services via a malicious Tor server that attempts a large number of accesses of the hidden service, which eventually causes a circuit to be built through the malicious server.
References 9 Total
- securityfocus.com: 19795 vdb-entry
- secunia.com: 18576 third-party-advisory
- exchange.xforce.ibmcloud.com: tor-service-information-disclosure(24285) vdb-entry
- securityfocus.com: 18323 vdb-entry
- osvdb.org: 22689 vdb-entry
- secunia.com: 20514 third-party-advisory
- security.gentoo.org: GLSA-200606-04 vendor-advisory
- http://tor.eff.org/cvs/tor/ChangeLog
- http://archives.seul.org/or/announce/Jan-2006/msg00001.html
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 9 Total
- securityfocus.com: 19795 vdb-entryx_transferred
- secunia.com: 18576 third-party-advisoryx_transferred
- exchange.xforce.ibmcloud.com: tor-service-information-disclosure(24285) vdb-entryx_transferred
- securityfocus.com: 18323 vdb-entryx_transferred
- osvdb.org: 22689 vdb-entryx_transferred
- secunia.com: 20514 third-party-advisoryx_transferred
- security.gentoo.org: GLSA-200606-04 vendor-advisoryx_transferred
- http://tor.eff.org/cvs/tor/ChangeLog x_transferred
- http://archives.seul.org/or/announce/Jan-2006/msg00001.html x_transferred