The rend_service_intro_established function in or/rendservice.c in Tor prior to 0.2.8.15, 0.2.9.x prior to 0.2.9.12, 0.3.0.x prior to 0.3.0.11, 0.3.1.x prior to 0.3.1.7, and 0.3.2.x prior to 0.3.2.1-alpha, when SafeLogging is disabled, allows malicious users to obtain sensitive information by leveraging access to the log files of a hidden service, because uninitialized stack data is included in an error message about construction of an introduction point circuit.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
torproject tor 0.3.1.2 |
||
torproject tor 0.3.1.3 |
||
torproject tor 0.3.0.5 |
||
torproject tor 0.3.0.4 |
||
torproject tor 0.2.9.0 |
||
torproject tor 0.2.9.1 |
||
torproject tor 0.2.9.9 |
||
torproject tor 0.2.9.10 |
||
torproject tor 0.3.1.4 |
||
torproject tor 0.3.1.5 |
||
torproject tor 0.3.0.6 |
||
torproject tor 0.3.0.7 |
||
torproject tor 0.2.9.2 |
||
torproject tor 0.2.9.3 |
||
torproject tor 0.2.9.11 |
||
torproject tor |
||
torproject tor 0.3.2 |
||
torproject tor 0.3.1.1 |
||
torproject tor 0.3.0.2 |
||
torproject tor 0.3.0.1 |
||
torproject tor 0.3.0.10 |
||
torproject tor 0.2.9.6 |
||
torproject tor 0.2.9.8 |
||
torproject tor 0.3.1.6 |
||
torproject tor 0.3.0.0 |
||
torproject tor 0.3.0.3 |
||
torproject tor 0.3.0.8 |
||
torproject tor 0.3.0.9 |
||
torproject tor 0.2.9.4 |
||
torproject tor 0.2.9.5 |