Lucene search

MitreCVELIST:CVE-2006-3411

HistoryJul 07, 2006 - 12:00 a.m.

CVE-2006-3411

2006-07-0700:00:00

mitre

www.cve.org

cve-2006-3411

remote attackers

brute force

encryption keys

tls context

tor vulnerability

AI Score

6.6

Confidence

Low

EPSS

0.007

Percentile

79.7%

JSON

TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote attackers to conduct brute force attacks on the encryption keys.

References

secunia.com/advisories/20514

security.gentoo.org/glsa/glsa-200606-04.xml

tor.eff.org/cvs/tor/ChangeLog

www.osvdb.org/25876