CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
5.1%
Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging of the client IP address upon detection of erroneous client behavior, which might make it easier for local users to discover the identities of clients in opportunistic circumstances by reading log files.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | tor | < 0.4.7.16-1 | tor_0.4.7.16-1_all.deb |
Debian | 11 | all | tor | < 0.4.5.16-1 | tor_0.4.5.16-1_all.deb |
Debian | 999 | all | tor | < 0.4.8.12-1.1 | tor_0.4.8.12-1.1_all.deb |
Debian | 13 | all | tor | < 0.4.8.12-1.1 | tor_0.4.8.12-1.1_all.deb |