5 matches found
CVE-2017-8820
CVE-2017-8820 : In Tor up to upstream fixes, a remote attacker could crash a directory authority via a malformed router descriptor, causing a NULL pointer dereference and DoS. Affected releases include several 0.2.x, 0.3.0.x (pre-0.3.0.13) and 0.3.1.x pre-0.3.1.9. Upstream remediation is to upgra...
CVE-2017-8823
CVE-2017-8823 (Tor) : A use-after-free in onion service v2 during intro-point expiration is caused by mismanagement of the expiring list in certain error cases (Tor before 0.3.1.9). Descriptions from Arch Linux ASA-201712-10 indicate this can lead to crashes of v2 onion services when circuits exp...
CVE-2017-8822
CVE-2017-8822 affects Tor relays with incompletely downloaded descriptors, enabling them to pick themselves in a circuit path and cause a degradation of anonymity. Descriptions across connected advisories confirm the issue and upstream fix is to upgrade to Tor 0.3.1.9 (or newer). Upstream notes a...
CVE-2017-8819
CVE-2017-8819 affects Tor prior to 0.3.1.9 (and earlier branches up to 0.2.5.16, 0.2.6–0.2.8/0.2.9, 0.3.0/0.3.1) where the replay-cache protection for v2 onion services is ineffective. An attacker can inject multiple INTRODUCE2 cells to trigger a traffic-confirmation style issue, leading to poten...
CVE-2017-8821
CVE-2017-8821 in Tor allows an attacker to cause the application to ask for a password by sending crafted PEM input signaling a public key requiring a password, triggering OpenSSL to prompt. Affected releases include Tor up to 0.3.0.12 and 0.3.1 before 0.3.1.9 (also older 0.2.x series as listed i...