CVE-2007-4099

2007-07-3021:17:00

[email protected]

web.nvd.nist.gov

cve-2007-4099

tor

security vulnerability

remote attack

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

6.3 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.8%

JSON

Tor before 0.1.2.15 can select a guard node beyond the first listed never-before-connected-to guard node, which allows remote attackers with control of certain guard nodes to obtain sensitive information and possibly leverage further attacks.

Affected configurations

NVD

Node

tortorMatch0.1.0.10

tortorMatch0.1.0.11

tortorMatch0.1.0.12

tortorMatch0.1.0.13

tortorMatch0.1.0.14

tortorMatch0.1.0.18

tortorMatch0.1.1.1_alpha

tortorMatch0.1.1.2_alpha

tortorMatch0.1.1.3_alpha

tortorMatch0.1.1.4_alpha

tortorMatch0.1.1.5_alpha

tortorMatch0.1.1.20

tortorMatch0.1.1.23

tortorMatch0.1.2.1_alpha-cvs

tortorMatch0.1.2.14

CPENameOperatorVersion
tor:tortoreq0.1.0.10
tor:tortoreq0.1.0.11
tor:tortoreq0.1.0.12
tor:tortoreq0.1.0.13
tor:tortoreq0.1.0.14
tor:tortoreq0.1.0.18
tor:tortoreq0.1.1.1_alpha
tor:tortoreq0.1.1.2_alpha
tor:tortoreq0.1.1.3_alpha
tor:tortoreq0.1.1.4_alpha

CPE	Name	Operator	Version
tor:tor	tor	eq	0.1.0.10
tor:tor	tor	eq	0.1.0.11
tor:tor	tor	eq	0.1.0.12
tor:tor	tor	eq	0.1.0.13
tor:tor	tor	eq	0.1.0.14
tor:tor	tor	eq	0.1.0.18
tor:tor	tor	eq	0.1.1.1_alpha
tor:tor	tor	eq	0.1.1.2_alpha
tor:tor	tor	eq	0.1.1.3_alpha
tor:tor	tor	eq	0.1.1.4_alpha