Lucene search

FreeBSD31C09848-1829-11E4-BF04-60A44C524F57

HistoryJul 30, 2014 - 12:00 a.m.

tor -- traffic confirmation attack

2014-07-3000:00:00

vuxml.freebsd.org

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.006 Low

EPSS

Percentile

78.7%

JSON

The Tor Project reports:

Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a
circuit after an inbound RELAY_EARLY cell is received by a client,
which makes it easier for remote attackers to conduct
traffic-confirmation attacks by using the pattern of RELAY and
RELAY_EARLY cells as a means of communicating information about
hidden service names.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchtor< 0.2.4.23UNKNOWN
FreeBSDanynoarchtor-devel< 0.2.5.6.aUNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	tor	< 0.2.4.23	UNKNOWN
FreeBSD	any	noarch	tor-devel	< 0.2.5.6.a	UNKNOWN

References

blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack

lists.torproject.org/pipermail/tor-announce/2014-July/000094.html

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.006 Low

EPSS

Percentile

78.7%

JSON

Related for 31C09848-1829-11E4-BF04-60A44C524F57