Mageia: Security Advisory (MGASA-2017-0444)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2017-0444 Updated tor packages fix security vulnerability

When checking for replays in the INTRODUCE1 cell data for a legacy onion service, Tor didn't correctly detect replays in the RSA- encrypted part of the cell. It was previously checking for replays on the entire cell, but those can be circumvented due to the malleability of Tor's legacy hybrid...

Tor 'Relay Early' Traffic Confirmation Attack Vulnerability (Oct 2014) - Windows

Tor is prone to an information disclosure vulnerability. Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

Tor 'Relay Early' Traffic Confirmation Attack Vulnerability (Oct 2014) - Linux

Tor is prone to an information disclosure vulnerability. Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

MGASA-2014-0312 Updated tor package fixes security vulnerability

Tor before 0.2.4.23 maintains a circuit after an inbound RELAYEARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAYEARLY cells as a means of communicating information about hidden service name...

Debian DSA-2993-1 : tor - security update

Several issues have been discovered in Tor, a connection-based low-latency anonymous communication system, resulting in information leaks. - Relay-early cells could be used by colluding relays on the network to tag user circuits and so deploy traffic confirmation attacks CVE-2014-5117. The update...

DSA-2993-1 tor - security update

Bulletin has no description...

Design/Logic Flaw

Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit after an inbound RELAYEARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAYEARLY cells as a means of communicating...

tor -- traffic confirmation attack

The Tor Project reports: Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit after an inbound RELAYEARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAYEARLY cells as a mean...