Published: 03/12/2017 Updated: 03/10/2019

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

In Tor prior to 0.2.5.16, 0.2.6 up to and including 0.2.8 prior to 0.2.8.17, 0.2.9 prior to 0.2.9.14, 0.3.0 prior to 0.3.0.13, and 0.3.1 prior to 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to trigger this issue.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tor project tor
debian debian linux 8.0
debian debian linux 9.0

Multiple vulnerabilities have been found in Tor, a connection-based low-latency anonymous communication system For the oldstable distribution (jessie), these problems have been fixed in version 02516-1 For the stable distribution (stretch), these problems have been fixed in version 02914-1 We recommend that you upgrade your tor packages F ...

An issue has been found in the way Tor before 0319 checked for replays, leading to a possible traffic confirmation attack ...

NVD-CWE-noinfo https://bugs.torproject.org/24244 https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516 https://www.debian.org/security/2017/dsa-4054 https://nvd.nist.gov https://www.debian.org/security/./dsa-4054

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-8819

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect