Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2021-34548  

A security issue has been found in Tor before version 0.4.5.9. Relays could spoof RELAY_END or RELAY_RESOLVED cell on half-closed streams because clients failed to validate which hop sent these cells. This would allow a relay on a circuit to end a stream that wasn't actually built with it.

Source
Severity Medium

Remote Yes

Type Insufficient validation

Description 

A security issue has been found in Tor before version 0.4.5.9. Relays could spoof RELAY_END or RELAY_RESOLVED cell on half-closed streams because clients failed to validate which hop sent these cells. This would allow a relay on a circuit to end a stream that wasn't actually built with it.

AVG-2075 tor 0.4.5.8-2 0.4.5.9-1 Medium Fixed 

https://blog.torproject.org/node/2041
https://gitlab.torproject.org/tpo/core/tor/-/issues/40389
https://gitlab.torproject.org/tpo/core/tor/-/commit/adb248b6d6e0779719e6b873ee12a1e22fa390f4

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started