Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-2331-1
HistoryOct 28, 2011 - 12:00 a.m.

tor - several

2011-10-2800:00:00
Google
osv.dev
11

EPSS

0.002

Percentile

56.1%

JSON

It has been discovered by frosty_un that a design flaw in Tor, an online
privacy tool, allows malicious relay servers to learn certain information
that they should not be able to learn. Specifically, a relay that a user
connects to directly could learn which other relays that user is
connected to directly. In combination with other attacks, this issue
can lead to deanonymizing the user. The Common Vulnerabilities and
Exposures project has assigned
CVE-2011-2768 to this issue.

In addition to fixing the above mentioned issues, the updates to oldstable
and stable fix a number of less critical issues (
CVE-2011-2769). Please
see the
posting from the Tor blog for more information.

For the oldstable distribution (lenny), this problem has been fixed in
version 0.2.1.31-1~lenny+1. Due to technical limitations in the Debian
archive scripts, the update cannot be released synchronously with the
packages for stable. It will be released shortly.

For the stable distribution (squeeze), this problem has been fixed in
version 0.2.1.31-1.

For the unstable (sid) and testing (wheezy) distributions, this problem has been fixed in
version 0.2.2.34-1.

For the experimental distribution, this problem have has been fixed in version
0.2.3.6-alpha-1.

We recommend that you upgrade your tor packages.

Related

debian 1
openvas 10
threatpost 1
fedora 3
securityvulns 2
nessus 6
gentoo 1
thn 1
nvd 2
debiancve 2
ubuntucve 2
cvelist 2
prion 2
cve 2
osv 1
debian
debian
[SECURITY] [DSA 2331-1] tor security update
2011-10-28 16:17:06
openvas
openvas
Debian Security Advisory DSA 2331-1 (tor)
2012-02-11 00:00:00
Fedora Update for tor FEDORA-2011-15208
2012-03-19 00:00:00
Fedora Update for tor FEDORA-2011-15117
2011-11-08 00:00:00
threatpost
threatpost
New Tor Release Fixes De-Anonymization Attack
2011-10-28 14:58:00
fedora
fedora
[SECURITY] Fedora 15 Update: tor-0.2.1.31-1500.fc15
2011-11-04 20:27:34
[SECURITY] Fedora 16 Update: tor-0.2.2.34-1600.fc16
2011-11-10 17:25:40
[SECURITY] Fedora 16 Update: tor-0.2.2.35-1601.fc16
2012-01-11 06:15:50
securityvulns
securityvulns
[SECURITY] [DSA 2331-1] tor security update
2011-10-31 00:00:00
tor information discosure
2011-10-31 00:00:00
nessus
nessus
Fedora 16 : tor-0.2.2.34-1600.fc16 (2011-15208)
2011-11-14 00:00:00
Fedora 15 : tor-0.2.1.31-1500.fc15 (2011-15117)
2011-11-07 00:00:00
Debian DSA-2331-1 : tor - several vulnerabilities
2011-10-31 00:00:00
gentoo
gentoo
Tor: Multiple vulnerabilities
2012-01-23 00:00:00
thn
thn
Tor Vulnerable to Remote arbitrary code Execution
2012-01-23 20:38:00
nvd
nvd
CVE-2011-2768
2011-12-23 03:59:21
CVE-2011-2769
2011-12-23 03:59:21
debiancve
debiancve
CVE-2011-2768
2011-12-23 03:59:21
CVE-2011-2769
2011-12-23 03:59:21
ubuntucve
ubuntucve
CVE-2011-2768
2011-12-23 00:00:00
CVE-2011-2769
2011-12-23 00:00:00
cvelist
cvelist
CVE-2011-2768
2011-12-23 02:00:00
CVE-2011-2769
2011-12-23 02:00:00
prion
prion
Design/Logic Flaw
2011-12-23 03:59:00
Command injection
2011-12-23 03:59:00
cve
cve
CVE-2011-2768
2011-12-23 03:59:21
CVE-2011-2769
2011-12-23 03:59:21
osv
osv
tor-0.2.8.11-1.1 on GA media
2024-06-15 00:00:00

EPSS

0.002

Percentile

56.1%

JSON
Related for OSV:DSA-2331-1
debian1openvas10threatpost1fedora3securityvulns2nessus6gentoo1thn1nvd2debiancve2ubuntucve2cvelist2prion2cve2osv1