Tor prior to 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1) relay identity keys and (2) hidden-service identity keys, which might make it easier for remote malicious users to bypass cryptographic protection mechanisms via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
torproject tor |
||
torproject tor 0.2.4.18 |
||
torproject tor 0.2.4.10 |
||
torproject tor 0.2.4.9 |
||
torproject tor 0.2.4.2 |
||
torproject tor 0.2.4.1 |
||
torproject tor 0.2.4.17 |
||
torproject tor 0.2.4.16 |
||
torproject tor 0.2.4.15 |
||
torproject tor 0.2.4.8 |
||
torproject tor 0.2.4.7 |
||
torproject tor 0.2.4.14 |
||
torproject tor 0.2.4.13 |
||
torproject tor 0.2.4.6 |
||
torproject tor 0.2.4.5 |
||
torproject tor 0.2.4.12 |
||
torproject tor 0.2.4.11 |
||
torproject tor 0.2.4.4 |
||
torproject tor 0.2.4.3 |