Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

tor tor 0.1.2.14 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2007-4174
Tor prior to 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote malicious users to modify the torrc configuration file, compromise anonymity, and have other unspecified impact via HTTP POST data containing comman...
Tor TorTor Tor 0.1.2.8Tor Tor 0.1.2.7Tor Tor 0.1.2.10Tor Tor 0.1.2.9Tor Tor 0.1.2.1Tor Tor 0.1.2.2Tor Tor 0.1.2.14Tor Tor 0.1.2.13Tor Tor 0.1.2.6Tor Tor 0.1.2.5Tor Tor 0.1.2.12Tor Tor 0.1.2.11Tor Tor 0.1.2.4Tor Tor 0.1.2.3
NA
CVE-2007-4099
Tor prior to 0.1.2.15 can select a guard node beyond the first listed never-before-connected-to guard node, which allows remote attackers with control of certain guard nodes to obtain sensitive information and possibly leverage further attacks.
Tor Tor 0.1.0.10Tor Tor 0.1.1.20Tor Tor 0.1.1.23Tor Tor 0.1.0.11Tor Tor 0.1.0.12Tor Tor 0.1.1.3 AlphaTor Tor 0.1.1.4 AlphaTor Tor 0.1.0.13Tor Tor 0.1.0.14Tor Tor 0.1.0.18Tor Tor 0.1.1.5 AlphaTor Tor 0.1.2.1 Alpha-cvsTor Tor 0.1.1.1 AlphaTor Tor 0.1.1.2 AlphaTor Tor 0.1.2.14
NA
CVE-2007-4096
Buffer overflow in Tor prior to 0.1.2.15, when using BSD natd support, allows remote malicious users to cause a denial of service via unspecified vectors.
Tor Tor 0.1.0.11Tor Tor 0.1.0.12Tor Tor 0.1.1.3 AlphaTor Tor 0.1.1.1 AlphaTor Tor 0.1.1.2 AlphaTor Tor 0.1.2.14Tor Tor 0.1.0.10Tor Tor 0.1.1.20Tor Tor 0.1.1.23Tor Tor 0.1.1.4 AlphaTor Tor 0.1.0.13Tor Tor 0.1.0.14Tor Tor 0.1.0.18Tor Tor 0.1.1.5 AlphaTor Tor 0.1.2.1 Alpha-cvs
NA
CVE-2007-4097
Tor prior to 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which allows remote malicious users to obtain sensitive information, contrary to specifications.
Tor Tor 0.1.1.1 AlphaTor Tor 0.1.1.2 AlphaTor Tor 0.1.0.10Tor Tor 0.1.0.11Tor Tor 0.1.1.20Tor Tor 0.1.1.23Tor Tor 0.1.0.12Tor Tor 0.1.0.13Tor Tor 0.1.1.3 AlphaTor Tor 0.1.1.4 AlphaTor Tor 0.1.0.14Tor Tor 0.1.0.18Tor Tor 0.1.1.5 AlphaTor Tor 0.1.2.1 Alpha-cvsTor Tor 0.1.2.14
NA
CVE-2007-4098
Tor prior to 0.1.2.15 does not properly distinguish "streamids from different exits," which might allow remote attackers with control over Tor routers to inject cells into arbitrary streams.
Tor Tor 0.1.0.10Tor Tor 0.1.1.2 AlphaTor Tor 0.1.1.20Tor Tor 0.1.0.11Tor Tor 0.1.0.12Tor Tor 0.1.1.23Tor Tor 0.1.1.3 AlphaTor Tor 0.1.0.13Tor Tor 0.1.0.14Tor Tor 0.1.1.4 AlphaTor Tor 0.1.1.5 AlphaTor Tor 0.1.0.18Tor Tor 0.1.1.1 AlphaTor Tor 0.1.2.1 Alpha-cvsTor Tor 0.1.2.14
NA
CVE-2007-3165
Tor prior to 0.1.2.14 can construct circuits in which an entry guard is in the same family as the exit node, which might compromise the anonymity of traffic sources and destinations by exposing traffic to inappropriate remote observers.
Tor Tor 0.0.9.2Tor Tor 0.0.9.3Tor Tor 0.1.0.11Tor Tor 0.1.0.12Tor Tor 0.1.1.3 AlphaTor Tor 0.1.1.4 AlphaTor Tor 0.0.9.1Tor Tor 0.0.9.10Tor Tor 0.0.9.8Tor Tor 0.0.9.9Tor Tor 0.1.0.10Tor Tor 0.1.1.20Tor Tor 0.1.1.23Tor Tor 0.0.9.4Tor Tor 0.0.9.5Tor Tor 0.1.0.13Tor Tor 0.1.0.14Tor Tor 0.1.1.5 AlphaTor Tor 0.1.2.1 Alpha-cvsTor Tor 0.0.9Tor Tor 0.0.9.6Tor Tor 0.0.9.7
NA
CVE-2008-5397
Tor prior to 0.2.0.32 does not properly process the (1) User and (2) Group configuration options, which might allow local users to gain privileges by leveraging unintended supplementary group memberships of the Tor process.
Tor Tor 0.0.7.1Tor Tor 0.0.7Tor Tor 0.0.6.2Tor Tor 0.0.2 Pre26Tor Tor 0.0.2 Pre25Tor Tor 0.0.9.8Tor Tor 0.0.9.9Tor Tor 0.0.9.10Tor Tor 0.0.2 Pre21Tor Tor 0.0.2 Pre20Tor Tor 0.0.2 Pre13Tor Tor 0.1.1.7Tor Tor 0.1.1.6 AlphaTor Tor 0.1.1.26Tor Tor 0.1.1.6Tor Tor 0.1.0.5Tor Tor 0.1.0.8Tor Tor 0.1.0.15Tor Tor 0.1.0.18Tor Tor 0.1.1.2Tor Tor 0.1.1.2 AlphaTor Tor 0.1.1.12
NA
CVE-2008-5398
Tor prior to 0.2.0.32 does not properly process the ClientDNSRejectInternalAddresses configuration option in situations where an exit relay issues a policy-based refusal of a stream, which allows remote exit relays to have an unknown impact by mapping an internal IP address to th...
Tor Tor 0.0.7.1Tor Tor 0.0.7Tor Tor 0.0.2 Pre27Tor Tor 0.0.2 Pre26Tor Tor 0.1.0.10Tor Tor 0.0.9.8Tor Tor 0.0.9.9Tor Tor 0.0.9.1Tor Tor 0.0.9.10Tor Tor 0.0.2 Pre19Tor Tor 0.0.2 Pre20Tor Tor 0.1.1.7Tor Tor 0.1.1.6 AlphaTor Tor 0.1.1.3Tor Tor 0.1.1.26Tor Tor 0.1.0.6Tor Tor 0.1.0.5Tor Tor 0.0.8.1Tor Tor 0.0.8Tor Tor 0.0.6Tor Tor 0.0.5Tor Tor 0.1.0.14
NA
CVE-2010-0383
Tor prior to 0.2.1.22, and 0.2.2.x prior to 0.2.2.7-alpha, uses deprecated identity keys for certain directory authorities, which makes it easier for man-in-the-middle malicious users to compromise the anonymity of traffic sources and destinations.
Tor Tor 0.2.1.1.13Tor Tor 0.2.1.1.14Tor Tor 0.2.1.1.21Tor Tor 0.0.9Tor Tor 0.0.6.1Tor Tor 0.0.6Tor Tor 0.1.0.13Tor Tor 0.1.0.14Tor Tor 0.0.9.6Tor Tor 0.0.9.7Tor Tor 0.1.2.13Tor Tor 0.1.2.10Tor Tor 0.1.1Tor Tor 0.0.2 Pre18Tor Tor 0.0.2 Pre16Tor Tor 0.0.2Tor Tor 0.1.1.8Tor Tor 0.1.1.8 AlphaTor Tor 0.1.1.4Tor Tor 0.1.1.4 AlphaTor Tor 0.1.0.6Tor Tor 0.1.0.16
NA
CVE-2010-0385
Tor prior to 0.2.1.22, and 0.2.2.x prior to 0.2.2.7-alpha, when functioning as a bridge directory authority, allows remote malicious users to obtain sensitive information about bridge identities and bridge descriptors via a dbg-stability.txt directory query.
Tor Tor 0.2.1.1.12Tor Tor 0.2.1.1.13Tor Tor 0.2.1.1.14Tor Tor 0.2.1.1.15Tor Tor 0.2.1.1.16Tor Tor 0.0.6.2Tor Tor 0.0.6.1Tor Tor 0.0.6Tor Tor 0.0.5Tor Tor 0.0.9.6Tor Tor 0.0.9.7Tor Tor 0.0.9.4Tor Tor 0.0.9.5Tor Tor 0.1.1Tor Tor 0.0.2 Pre18Tor Tor 0.0.2 Pre19Tor Tor 0.2.1.1.21Tor Tor 0.0.9Tor Tor 0.0.8.1Tor Tor 0.0.8Tor Tor 0.0.2 Pre25Tor Tor 0.1.0.13
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook