4 matches found
CVE-2018-25022
The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address when knowing only their Tox Id by positioning themselves close to target's Tox Id in the DHT for the target to establish an onion...
Design/Logic Flaw
The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address when knowing only their Tox Id by positioning themselves close to target's Tox Id in the DHT for the target to establish an onion...
CVE-2018-25022
The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address when knowing only their Tox Id by positioning themselves close to target's Tox Id in the DHT for the target to establish an onion...
CVE-2018-25022
The CVE-2018-25022 entry concerns the Onion module in toxcore before 0.2.2, where the Onion module does not restrict which packets can be onion-routed. This allows a remote attacker to discover a target user’s IP address (given only the Tox Id) by manipulating DHT proximity to cause an onion conn...