Lucene search

[email protected]CVE-2006-3415

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2006-3415

2022-10-0316:21:15

[email protected]

web.nvd.nist.gov

cve-2006-3415

tor

security vulnerability

or destination validation

mitm attack

nvd

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.6%

JSON

Tor before 0.1.1.20 uses improper logic to validate the “OR” destination, which allows remote attackers to perform a man-in-the-middle (MITM) attack via unspecified vectors.

Affected configurations

NVD

Node

tortorMatch0.0.2

tortorMatch0.0.2_pre13

tortorMatch0.0.2_pre14

tortorMatch0.0.2_pre15

tortorMatch0.0.2_pre16

tortorMatch0.0.2_pre17

tortorMatch0.0.2_pre18

tortorMatch0.0.2_pre19

tortorMatch0.0.2_pre20

tortorMatch0.0.2_pre21

tortorMatch0.0.2_pre22

tortorMatch0.0.2_pre23

tortorMatch0.0.2_pre24

tortorMatch0.0.2_pre25

tortorMatch0.0.2_pre26

tortorMatch0.0.2_pre27

tortorMatch0.0.3

tortorMatch0.0.4

tortorMatch0.0.5

tortorMatch0.0.6

tortorMatch0.0.6.1

tortorMatch0.0.6.2

tortorMatch0.0.7

tortorMatch0.0.7.1

tortorMatch0.0.7.2

tortorMatch0.0.7.3

tortorMatch0.0.8

tortorMatch0.0.8.1

tortorMatch0.0.9

tortorMatch0.0.9.1

tortorMatch0.0.9.2

tortorMatch0.0.9.3

tortorMatch0.0.9.4

tortorMatch0.0.9.5

tortorMatch0.0.9.6

tortorMatch0.0.9.7

tortorMatch0.0.9.8

tortorMatch0.0.9.9

tortorMatch0.0.9.10

tortorMatch0.1.0.1

tortorMatch0.1.0.2

tortorMatch0.1.0.3

tortorMatch0.1.0.4

tortorMatch0.1.0.5

tortorMatch0.1.0.6

tortorMatch0.1.0.7

tortorMatch0.1.0.8

tortorMatch0.1.0.9

tortorMatch0.1.0.10

tortorMatch0.1.0.11

tortorMatch0.1.0.12

tortorMatch0.1.0.13

tortorMatch0.1.0.14

tortorMatch0.1.0.15

tortorMatch0.1.0.16

tortorMatch0.1.0.17

tortorMatch0.1.0.18

tortorMatch0.1.0.19

tortorMatch0.1.1.1_alpha

tortorMatch0.1.1.2_alpha

tortorMatch0.1.1.3_alpha

tortorMatch0.1.1.4_alpha

tortorMatch0.1.1.5_alpha

tortorMatch0.1.1.6_alpha

tortorMatch0.1.1.7_alpha

tortorMatch0.1.1.8_alpha

tortorMatch0.1.1.9_alpha

tortorMatch0.1.1.10_alpha

CPENameOperatorVersion
tor:tortoreq0.0.2
tor:tortoreq0.0.2_pre13
tor:tortoreq0.0.2_pre14
tor:tortoreq0.0.2_pre15
tor:tortoreq0.0.2_pre16
tor:tortoreq0.0.2_pre17
tor:tortoreq0.0.2_pre18
tor:tortoreq0.0.2_pre19
tor:tortoreq0.0.2_pre20
tor:tortoreq0.0.2_pre21

CPE	Name	Operator	Version
tor:tor	tor	eq	0.0.2
tor:tor	tor	eq	0.0.2_pre13
tor:tor	tor	eq	0.0.2_pre14
tor:tor	tor	eq	0.0.2_pre15
tor:tor	tor	eq	0.0.2_pre16
tor:tor	tor	eq	0.0.2_pre17
tor:tor	tor	eq	0.0.2_pre18
tor:tor	tor	eq	0.0.2_pre19
tor:tor	tor	eq	0.0.2_pre20
tor:tor	tor	eq	0.0.2_pre21

Rows per page:

1-10 of 681

References

secunia.com/advisories/20514

security.gentoo.org/glsa/glsa-200606-04.xml

tor.eff.org/cvs/tor/ChangeLog

www.osvdb.org/25878

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.6%

JSON

Related for CVE-2006-3415

nvd1 cvelist1 ubuntucve1 debiancve1