Lucene search
GoogleOSV:CVE-2016-8860HistoryJan 04, 2017 - 8:59 p.m.
CVE-2016-8860
2017-01-0420:59:00
Google
osv.dev
3
Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present, which allows remote attackers to cause a denial of service (client, hidden service, relay, or authority crash) via crafted data.
References
openwall.com/lists/oss-security/2016/10/19/11
www.debian.org/security/2016/dsa-3694
www.securityfocus.com/bid/95116
blog.torproject.org/blog/tor-0289-released-important-fixes
github.com/torproject/tor/commit/3cea86eb2fbb65949673eb4ba8ebb695c87a57ce
security.gentoo.org/glsa/201612-45
trac.torproject.org/projects/tor/ticket/20384
Related
fedora
fedora
[SECURITY] Fedora 24 Update: tor-0.2.8.9-1.fc24
2016-11-01 13:23:49
[SECURITY] Fedora 25 Update: tor-0.2.8.9-1.fc25
2016-10-31 23:47:51
[SECURITY] Fedora 23 Update: tor-0.2.8.9-1.fc23
2016-11-01 16:26:35
prion
prion
Code injection
2017-01-04 20:59:00
cvelist
cvelist
CVE-2016-8860
2017-01-04 20:00:00
debiancve
debiancve
CVE-2016-8860
2017-01-04 20:59:00
nessus
nessus
GLSA-201612-45 : Tor: Multiple vulnerabilities
2016-12-27 00:00:00
Debian DSA-3694-1 : tor - security update
2016-10-19 00:00:00
Fedora 24 : tor (2016-59316cf667)
2016-11-02 00:00:00
gentoo
gentoo
Tor: Multiple vulnerabilities
2016-12-24 00:00:00
openvas
openvas
Fedora Update for tor FEDORA-2016-59316cf667
2016-12-02 00:00:00
Debian: Security Advisory (DSA-3694-1)
2016-10-17 00:00:00
Mageia: Security Advisory (MGASA-2016-0356)
2022-01-28 00:00:00
ubuntucve
ubuntucve
CVE-2016-8860
2017-01-04 00:00:00
mageia
mageia
Updated tor packages fix security vulnerability
2016-10-26 02:11:42
osv
osv
tor - security update
2016-10-18 00:00:00
nvd
nvd
CVE-2016-8860
2017-01-04 20:59:00
cve
cve
CVE-2016-8860
2017-01-04 20:59:00
packetstorm
packetstorm
Orion Elite Hidden IP Browser Pro 7.9 OpenSSL / Tor / Man-In-The-Middle
2017-07-14 00:00:00