EUVD-2021-14795

Malware in sbrugna...

Five Minutes of DDoS Brings Down Tor: DDoS Attacks on the Tor Directory Protocol and Mitigations

The Tor network offers network anonymity to its users by routing their traffic through a sequence of relays. A group of nine directory authorities maintains information about all available relay nodes using a distributed directory protocol. We observe that the current protocol makes a steep...

SUSE CVE-2017-8820

In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service NULL pointer dereference and application crash against directory authorities via a malformed descriptor, aka...

SUSE CVE-2021-28090

Tor before 0.4.5.7 allows a remote attacker to cause Tor directory authorities to exit with an assertion failure, aka TROVE-2021-002...

DEBIAN-CVE-2021-28090

Tor before 0.4.5.7 allows a remote attacker to cause Tor directory authorities to exit with an assertion failure, aka TROVE-2021-002...

UBUNTU-CVE-2021-28090

Tor before 0.4.5.7 allows a remote attacker to cause Tor directory authorities to exit with an assertion failure, aka TROVE-2021-002...

PT-2021-2513 · Tor +4 · Tor +4

Name of the Vulnerable Software and Affected Versions: Tor versions prior to 0.4.5.7 Description: The issue is related to the insufficient use of the assert function in the dirvote add signatures to pending consensus function of the Tor browser. This allows a remote attacker to cause Tor director...

MGASA-2018-0161 Updated tor packages fix security vulnerabilities

A protocol-list handling bug that could be used to remotely crash directory authorities with a null-pointer exception CVE-2018-0490. A bug can be remotely triggered in order to crash relays with a use-after-free pattern CVE-2018-0491...

Updated tor packages fix security vulnerabilities

A protocol-list handling bug that could be used to remotely crash directory authorities with a null-pointer exception CVE-2018-0490. A bug can be remotely triggered in order to crash relays with a use-after-free pattern CVE-2018-0491...

OPENSUSE-SU-2018:0614-1 Security update for tor

This update for tor to version 0.3.2.10 fixes security issues and bugs. The following vulnerabilities were fixed: - CVE-2018-0490: remote crash vulnerability against directory authorities boo1083845, TROVE-2018-001 - CVE-2018-0491: remote relay crash boo1083846, TROVE-2018-002 This new upstream...

UBUNTU-CVE-2017-8820

In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service NULL pointer dereference and application crash against directory authorities via a malformed descriptor, aka...

CVE-2017-8820

In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service NULL pointer dereference and application crash against directory authorities via a malformed descriptor, aka...

CVE-2017-8820

In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service NULL pointer dereference and application crash against directory authorities via a malformed descriptor, aka...

tor-consensus-checker NSE Script

Checks if a target is a known Tor node. The script works by querying the Tor directory authorities. Initially, the script stores all IPs of Tor nodes in a lookup table to reduce the number of requests and make lookups quicker. Script Arguments slaxml.debug See the documentation for the slaxml...

openSUSE Security Update : tor (openSUSE-2015-261)

Tor was updated to 0.2.4.26 to fix several security issues : The release: Contains several medium-level security fixes for relays and exit nodes and also updates the list of directory authorities. - Directory authority updates - relay crashes trough assertion CVE-2015-2688 - exit node crash throu...

Tor Network Is Under Attack through Directory Authority Servers Seizures

Tor has been targeted once again, but this time at a much larger scale. A new attack on Tor network reportedly would either completely shut it down worldwide or turn it into evil network. This time Tor – an internet browser which allows people to maintain their anonymity online by protecting thei...

Tor Project Warns of Possible Upcoming Attack on Network

The Tor Project is warning that an unnamed attacker is planning to try to cripple the network by seizing directory authorities, the servers that help Tor clients find Tor relays in the network. Tor officials said that the network right now is still safe to use, and also emphasized that they are...

[DLA 17-1] tor: new upstream version

Package : tor Version : 0.2.4.23-1deb6u1 The Tor version previously in Debian squeeze, 0.2.2.39, is no longer supported by upstream. This update brings the currently stable version of Tor, 0.2.4.23, to Debian squeeze. Changes include use of stronger cryptographic primitives, always clearing bignu...

New Tor Release Fixes De-Anonymization Attack

The Tor Project has released a new version of its client software to fix a serious vulnerability that allows an attacker to strip users of their anonymity on the network. The new version also includes a number of other security and privacy fixes. The attack that enables the anonymity stripping...

DEBIAN-CVE-2010-0383

Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated identity keys for certain directory authorities, which makes it easier for man-in-the-middle attackers to compromise the anonymity of traffic sources and destinations...