EUVD-2017-0734

Malware in sbrugna...

CVE-2006-6893

Tor allows remote attackers to discover the IP address of a hidden service by accessing this service at a high rate, thereby changing the server's CPU temperature and consequently changing the pattern of time values visible through 1 ICMP timestamps, 2 TCP sequence numbers, and 3 TCP timestamps, ...

I2P 安全漏洞

I2P is a hybrid-licensed anonymity networking project from I2P, Inc. that enables users to create and access content and build online communities, among other things, on a distributed dynamic network. A security vulnerability exists in I2P versions prior to 2.3.0, which stems from a vulnerability...

CVE-2024-28812

An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service on the local management network interface with hardcoded credentials allows attackers to access the appliance operating system with highest privileges via an SSH connection...

SUSE CVE-2014-5117

Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit after an inbound RELAYEARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAYEARLY cells as a means of communicating...

SUSE CVE-2015-2928

The Hidden Service HS server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service assertion failure and daemon exit via unspecified vectors...

SUSE CVE-2016-1254

Tor before 0.2.8.12 might allow remote attackers to cause a denial of service client crash via a crafted hidden service descriptor...

SUSE CVE-2017-0376

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service assertion failure and daemon exit in the connectionedgeprocessrelaycell function via a BEGINDIR cell on a rendezvous circuit...

Spoofing

The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background...

[updated]REvil ransomware disappears after Tor services hijacked

With some pests you hope they never recover from a blow. It’s almost too good to be true, but one can hope. This is one of them. The REvil ransomware group has shut down their operation for the second time this year after losing control over their Tor-based domains. Shutdown number 1 REvils first...

D-LINK DIR-3040 Libcli 命令注入漏洞(CVE-2021-21819)

The DIR-3040 is an AC3000-based wireless internet router. As discussed in TALOS-2021-1285, a hidden telnet service can be started without authentication by visiting https:///starttelnet This service presents the user with a login prompt for their “libcli test environment”: $ telnet 192.168.0.1...

D-LINK DIR-3040 Libcli command injection vulnerability

Summary A code execution vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions D-LINK...

CVE-2016-1159

In ZOHO Password Manager Pro PMP 8.3.0 Build 8303 and 8.4.0 Build 8400,8401,8402, underprivileged users can obtain sensitive information entry password history via a vulnerable hidden service...

CVE-2016-1159

In ZOHO Password Manager Pro PMP 8.3.0 Build 8303 and 8.4.0 Build 8400,8401,8402, underprivileged users can obtain sensitive information entry password history via a vulnerable hidden service...

Default credentials

In ZOHO Password Manager Pro PMP 8.3.0 Build 8303 and 8.4.0 Build 8400,8401,8402, underprivileged users can obtain sensitive information entry password history via a vulnerable hidden service...

CVE-2015-2928

The Hidden Service HS server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service assertion failure and daemon exit via unspecified vectors...

CVE-2015-2929

The Hidden Service HS client implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote servers to cause a denial of service assertion failure and application exit via a malformed HS descriptor...

Design/Logic Flaw

The Hidden Service HS server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service assertion failure and daemon exit via unspecified vectors...

Design/Logic Flaw

The Hidden Service HS client implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote servers to cause a denial of service assertion failure and application exit via a malformed HS descriptor...

CVE-2015-2928

The Hidden Service HS server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service assertion failure and daemon exit via unspecified vectors...