DATABASE RESOURCES PRICING ABOUT US

{"id": "UB:CVE-2006-4508", "vendorId": null, "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2006-4508", "description": "Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and 0.1.1.x\nbefore 0.1.1.23, and (2) ScatterChat before 1.0.2, allows remote attackers\noperating a Tor entry node to route arbitrary Tor traffic through clients\nor cause a denial of service (flood) via unspecified vectors.", "published": "2006-08-31T00:00:00", "modified": "2006-08-31T00:00:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2006-4508", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4508", "https://nvd.nist.gov/vuln/detail/CVE-2006-4508", "https://launchpad.net/bugs/cve/CVE-2006-4508", "https://security-tracker.debian.org/tracker/CVE-2006-4508"], "cvelist": ["CVE-2006-4508"], "immutableFields": [], "lastseen": "2021-11-22T22:03:08", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2006-4508"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2006-4508"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:14133"]}], "rev": 4}, "score": {"value": 5.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2006-4508"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2006-4508"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:14133"]}]}, "exploitation": null, "vulnersScore": 5.0}, "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needs triage", "packageName": "tor"}], "bugs": [], "_state": {"dependencies": 1646131733}}

{"cve": [{"lastseen": "2022-03-23T16:04:53", "description": "Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and 0.1.1.x before 0.1.1.23, and (2) ScatterChat before 1.0.2, allows remote attackers operating a Tor entry node to route arbitrary Tor traffic through clients or cause a denial of service (flood) via unspecified vectors.", "cvss3": {}, "published": "2006-08-31T23:04:00", "type": "cve", "title": "CVE-2006-4508", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-4508"], "modified": "2017-07-20T01:33:00", "cpe": ["cpe:/a:tor:tor:0.1.0.15", "cpe:/a:tor:tor:0.1.0.17", "cpe:/a:tor:tor:0.1.0.16", "cpe:/a:tor:tor:0.1.0.11", "cpe:/a:tor:tor:0.1.1.9", "cpe:/a:tor:tor:0.1.0.5", "cpe:/a:tor:tor:0.1.0.14", "cpe:/a:tor:tor:0.1.0.4", "cpe:/a:tor:tor:0.1.1.14", "cpe:/a:tor:tor:0.1.0.7", "cpe:/a:tor:tor:0.1.0.12", "cpe:/a:tor:tor:0.1.1.15", "cpe:/a:tor:tor:0.1.0.13", "cpe:/a:tor:tor:0.1.1.5", "cpe:/a:tor:tor:0.1.1.19", "cpe:/a:tor:tor:0.1.1.2", "cpe:/a:tor:tor:0.1.1.22", "cpe:/a:scatterchat:scatterchat:1.0.1", "cpe:/a:tor:tor:0.1.1.6", "cpe:/a:tor:tor:0.1.0.1", "cpe:/a:tor:tor:0.1.0.9", "cpe:/a:tor:tor:0.1.1.21", "cpe:/a:tor:tor:0.1.0.3", "cpe:/a:tor:tor:0.1.1.1", "cpe:/a:tor:tor:0.1.0.8", "cpe:/a:tor:tor:0.1.1.13", "cpe:/a:tor:tor:0.1.1.4", "cpe:/a:tor:tor:0.1.1.3", "cpe:/a:tor:tor:0.1.1.12", "cpe:/a:tor:tor:0.1.0.6", "cpe:/a:tor:tor:0.1.1.10", "cpe:/a:tor:tor:0.1.1.16", "cpe:/a:tor:tor:0.1.0.2", "cpe:/a:tor:tor:0.1.1.20", "cpe:/a:tor:tor:0.1.1.18", "cpe:/a:tor:tor:0.1.1.11", "cpe:/a:tor:tor:0.1.0.10", "cpe:/a:tor:tor:0.1.1.7", "cpe:/a:tor:tor:0.1.1.17", "cpe:/a:tor:tor:0.1.1.8"], "id": "CVE-2006-4508", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4508", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:P"}, "cpe23": ["cpe:2.3:a:tor:tor:0.1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.20:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:scatterchat:scatterchat:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.21:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.1.22:*:*:*:*:*:*:*", "cpe:2.3:a:tor:tor:0.1.0.9:*:*:*:*:*:*:*"]}], "securityvulns": [{"lastseen": "2018-08-31T11:10:19", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nScatterChat Advisory 2006-02: Win32 Tor Client Routing and Denial of\r\nService Vulnerabilities\r\nTechnical Report\r\nSeptember 2nd, 2006\r\n\r\nCVE ID: CVE-2006-4508\r\nOSVDB: 28276, 28277\r\n\r\n\r\n\r\nSUMMARY\r\n\r\nScatterChat (http://www.scatterchat.com/) is an instant messaging project\r\nthat aims to provide encryption and anonymity support with Tor to\r\nnon-technical users such as human rights activists and political\r\ndissidents.\r\n\r\nVulnerabilities were found in the external Tor program that is packaged\r\nwith the Windows installer. This vulnerability allows a Tor entry node\r\nto route traffic through the client, or to cause a denial of service by\r\ncrashing the Tor process with malformed input.\r\n\r\nThe impact of this vulnerability is low.\r\n\r\n\r\n\r\nDETAILS\r\n\r\nThe official Tor advisory can be found at:\r\nhttp://archives.seul.org/or/announce/Aug-2006/msg00001.html\r\n\r\n\r\n\r\nIMPACT\r\n\r\nThe end-user impact of this issue is low.\r\n\r\nShould a malicious or compromised Tor entry node successfully exploit\r\nthese issues, the local user's Tor process would crash, and/or the user's\r\nmachine would route traffic to other Tor nodes.\r\n\r\nRouting unwanted traffic would cause bandwidth resources to be consumed\r\nas long as ScatterChat is running.\r\n\r\n\r\n\r\nSOLUTION\r\n\r\nAll Windows users who employ ScatterChat's anonymity feature are\r\nstrongly encouraged to upgrade to ScatterChat v1.0.2:\r\n\r\nhttp://www.scatterchat.com/download/v1.0.2/scatterchat-1.0.2.exe\r\nhttp://www.scatterchat.com/download/v1.0.2/scatterchat-1.0.2.exe.sig\r\n\r\n\r\n\r\nCONTACT\r\n\r\nJ. Salvatore Testa II\r\njtesta--at--hacktivismo--dot--com\r\n\r\nhttp://www.scatterchat.com/jtesta_2006.asc\r\n3428 E58E 715E C37D 2AA7 C55E 97D1 DE8C 4B26 2B62\r\n\r\n\r\n- - ----\r\nA less technical summary of this advisory can be found at:\r\nhttp://www.scatterchat.com/advisories/2006-02_non_tech.html\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.5 (GNU/Linux)\r\n\r\niD8DBQFE+iHXl9HejEsmK2IRAinIAKC9dHPNc+XJzcX4EeNXI2xilDxOFACfW9LG\r\nqtJQVqTJoHgbb/vXCv0+sQo=\r\n=mw1y\r\n-----END PGP SIGNATURE-----", "edition": 1, "cvss3": {}, "published": "2006-09-04T00:00:00", "title": "[Full-disclosure] ScatterChat Advisory 2006-02: Win32 Tor Client Routing and Denial of Service Vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2006-4508"], "modified": "2006-09-04T00:00:00", "id": "SECURITYVULNS:DOC:14133", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:14133", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}], "debiancve": [{"lastseen": "2022-06-22T06:03:54", "description": "Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and 0.1.1.x before 0.1.1.23, and (2) ScatterChat before 1.0.2, allows remote attackers operating a Tor entry node to route arbitrary Tor traffic through clients or cause a denial of service (flood) via unspecified vectors.", "cvss3": {}, "published": "2006-08-31T23:04:00", "type": "debiancve", "title": "CVE-2006-4508", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-4508"], "modified": "2006-08-31T23:04:00", "id": "DEBIANCVE:CVE-2006-4508", "href": "https://security-tracker.debian.org/tracker/CVE-2006-4508", "cvss": {"score": 4.0, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:P"}}]}