Lucene search

[email protected]CVE-2006-3412

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2006-3412

2022-10-0316:21:14

[email protected]

web.nvd.nist.gov

cve-2006-3412

tor

firewall bypass

vulnerability

nvd

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.8%

JSON

Tor before 0.1.1.20 does not sufficiently obey certain firewall options, which allows remote attackers to bypass intended access restrictions for dirservers, direct connections, or proxy servers.

Affected configurations

NVD

Node

tortorMatch0.0.2

tortorMatch0.0.2_pre13

tortorMatch0.0.2_pre14

tortorMatch0.0.2_pre15

tortorMatch0.0.2_pre16

tortorMatch0.0.2_pre17

tortorMatch0.0.2_pre18

tortorMatch0.0.2_pre19

tortorMatch0.0.2_pre20

tortorMatch0.0.2_pre21

tortorMatch0.0.2_pre22

tortorMatch0.0.2_pre23

tortorMatch0.0.2_pre24

tortorMatch0.0.2_pre25

tortorMatch0.0.2_pre26

tortorMatch0.0.2_pre27

tortorMatch0.0.3

tortorMatch0.0.4

tortorMatch0.0.5

tortorMatch0.0.6

tortorMatch0.0.6.1

tortorMatch0.0.6.2

tortorMatch0.0.7

tortorMatch0.0.7.1

tortorMatch0.0.7.2

tortorMatch0.0.7.3

tortorMatch0.0.8

tortorMatch0.0.8.1

tortorMatch0.0.9

tortorMatch0.0.9.1

tortorMatch0.0.9.2

tortorMatch0.0.9.3

tortorMatch0.0.9.4

tortorMatch0.0.9.5

tortorMatch0.0.9.6

tortorMatch0.0.9.7

tortorMatch0.0.9.8

tortorMatch0.0.9.9

tortorMatch0.0.9.10

tortorMatch0.1.0.1

tortorMatch0.1.0.2

tortorMatch0.1.0.3

tortorMatch0.1.0.4

tortorMatch0.1.0.5

tortorMatch0.1.0.6

tortorMatch0.1.0.7

tortorMatch0.1.0.8

tortorMatch0.1.0.9

tortorMatch0.1.0.10

tortorMatch0.1.0.11

tortorMatch0.1.0.12

tortorMatch0.1.0.13

tortorMatch0.1.0.14

tortorMatch0.1.0.15

tortorMatch0.1.0.16

tortorMatch0.1.0.17

tortorMatch0.1.0.18

tortorMatch0.1.0.19

tortorMatch0.1.1.1_alpha

tortorMatch0.1.1.2_alpha

tortorMatch0.1.1.3_alpha

tortorMatch0.1.1.4_alpha

tortorMatch0.1.1.5_alpha

tortorMatch0.1.1.6_alpha

tortorMatch0.1.1.7_alpha

tortorMatch0.1.1.8_alpha

tortorMatch0.1.1.9_alpha

tortorMatch0.1.1.10_alpha

CPENameOperatorVersion
tor:tortoreq0.0.2
tor:tortoreq0.0.2_pre13
tor:tortoreq0.0.2_pre14
tor:tortoreq0.0.2_pre15
tor:tortoreq0.0.2_pre16
tor:tortoreq0.0.2_pre17
tor:tortoreq0.0.2_pre18
tor:tortoreq0.0.2_pre19
tor:tortoreq0.0.2_pre20
tor:tortoreq0.0.2_pre21

CPE	Name	Operator	Version
tor:tor	tor	eq	0.0.2
tor:tor	tor	eq	0.0.2_pre13
tor:tor	tor	eq	0.0.2_pre14
tor:tor	tor	eq	0.0.2_pre15
tor:tor	tor	eq	0.0.2_pre16
tor:tor	tor	eq	0.0.2_pre17
tor:tor	tor	eq	0.0.2_pre18
tor:tor	tor	eq	0.0.2_pre19
tor:tor	tor	eq	0.0.2_pre20
tor:tor	tor	eq	0.0.2_pre21

Rows per page:

1-10 of 681

References

secunia.com/advisories/20514

security.gentoo.org/glsa/glsa-200606-04.xml

tor.eff.org/cvs/tor/ChangeLog

www.osvdb.org/25874

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.8%

JSON

Related for CVE-2006-3412

debiancve1 cvelist1 nvd1 ubuntucve1