Lucene search

[email protected]CVE-2006-3414

HistoryJul 07, 2006 - 12:05 a.m.

CVE-2006-3414

2006-07-0700:05:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-3414

tor

vulnerability

hostname

descriptor

nvd

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

59.2%

JSON

Tor before 0.1.1.20 supports server descriptors that contain hostnames instead of IP addresses, which allows remote attackers to arbitrarily group users by providing preferential address resolution.

CPENameOperatorVersion
tor:tortoreq0.1.1.1_alpha
tor:tortoreq0.0.6.2
tor:tortoreq0.1.0.18
tor:tortoreq0.0.2_pre24
tor:tortoreq0.0.2_pre16
tor:tortoreq0.0.5
tor:tortoreq0.1.0.7
tor:tortoreq0.0.9.8
tor:tortoreq0.0.9.10
tor:tortoreq0.0.9.2

CPE	Name	Operator	Version
tor:tor	tor	eq	0.1.1.1_alpha
tor:tor	tor	eq	0.0.6.2
tor:tor	tor	eq	0.1.0.18
tor:tor	tor	eq	0.0.2_pre24
tor:tor	tor	eq	0.0.2_pre16
tor:tor	tor	eq	0.0.5
tor:tor	tor	eq	0.1.0.7
tor:tor	tor	eq	0.0.9.8
tor:tor	tor	eq	0.0.9.10
tor:tor	tor	eq	0.0.9.2

Rows per page:

1-10 of 681

References

secunia.com/advisories/20514

security.gentoo.org/glsa/glsa-200606-04.xml

tor.eff.org/cvs/tor/ChangeLog

www.osvdb.org/25877

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

59.2%

JSON

Related for CVE-2006-3414

ubuntucve1 debiancve1