Published: 07/07/2006 Updated: 05/09/2008

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

VMScore: 570

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

TLS handshakes in Tor prior to 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote malicious users to conduct brute force attacks on the encryption keys.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tor tor 0.0.2
tor tor 0.0.2_pre13
tor tor 0.0.2_pre14
tor tor 0.0.3
tor tor 0.0.4
tor tor 0.0.5
tor tor 0.0.6
tor tor 0.0.9.4
tor tor 0.0.9.5
tor tor 0.0.9.6
tor tor 0.0.9.7
tor tor 0.1.0.19
tor tor 0.1.0.2
tor tor 0.1.0.3
tor tor 0.1.0.4
tor tor 0.1.1.8_alpha
tor tor 0.1.1.9_alpha
tor tor 0.0.2_pre19
tor tor 0.0.2_pre20
tor tor 0.0.2_pre21
tor tor 0.0.2_pre22
tor tor 0.0.2_pre23
tor tor 0.0.7.2
tor tor 0.0.7.3
tor tor 0.0.8
tor tor 0.0.8.1
tor tor 0.1.0.11
tor tor 0.1.0.12
tor tor 0.1.0.13
tor tor 0.1.0.14
tor tor 0.1.1.1_alpha
tor tor 0.1.1.10_alpha
tor tor 0.1.1.2_alpha
tor tor 0.1.1.3_alpha
tor tor 0.0.2_pre16
tor tor 0.0.2_pre18
tor tor 0.0.2_pre25
tor tor 0.0.2_pre27
tor tor 0.0.6.1
tor tor 0.0.7
tor tor 0.0.9.1
tor tor 0.0.9.2
tor tor 0.0.9.9
tor tor 0.1.0.10
tor tor 0.1.0.15
tor tor 0.1.0.17
tor tor 0.1.0.6
tor tor 0.1.0.8
tor tor 0.1.1.5_alpha
tor tor 0.1.1.7_alpha
tor tor 0.0.2_pre15
tor tor 0.0.2_pre17
tor tor 0.0.2_pre24
tor tor 0.0.2_pre26
tor tor 0.0.6.2
tor tor 0.0.7.1
tor tor 0.0.9
tor tor 0.0.9.10
tor tor 0.0.9.3
tor tor 0.0.9.8
tor tor 0.1.0.1
tor tor 0.1.0.16
tor tor 0.1.0.18
tor tor 0.1.0.5
tor tor 0.1.0.7
tor tor 0.1.0.9
tor tor 0.1.1.4_alpha
tor tor 0.1.1.6_alpha

NVD-CWE-Other http://tor.eff.org/cvs/tor/ChangeLog http://security.gentoo.org/glsa/glsa-200606-04.xml http://www.osvdb.org/25876 http://secunia.com/advisories/20514 https://nvd.nist.gov

Get Started

CVE-2006-3411

Vulnerability Summary

References

Vulmon Search

About

Products

Connect