Vulnerabilites related to tor_project - tor
Vulnerability from fkie_nvd
Published
2017-12-03 07:29
Modified
2025-04-20 01:37
Severity ?
Summary
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service (NULL pointer dereference and application crash) against directory authorities via a malformed descriptor, aka TROVE-2017-010.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tor_project | tor | * | |
| tor_project | tor | * | |
| tor_project | tor | * | |
| tor_project | tor | * | |
| tor_project | tor | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "067DE048-F786-4E63-98E6-6FD6415DD3A5",
"versionEndExcluding": "0.2.5.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5372249B-59F8-4866-B4D3-F52980FCC269",
"versionEndExcluding": "0.2.8.17",
"versionStartIncluding": "0.2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0739CCD-DE8F-4A44-91CD-986C4644045F",
"versionEndExcluding": "0.2.9.14",
"versionStartIncluding": "0.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E623D0FC-453C-4D7A-8328-C4C252EEC976",
"versionEndExcluding": "0.3.0.13",
"versionStartIncluding": "0.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "249879F0-6A12-41C2-9559-020021080696",
"versionEndExcluding": "0.3.1.9",
"versionStartIncluding": "0.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service (NULL pointer dereference and application crash) against directory authorities via a malformed descriptor, aka TROVE-2017-010."
},
{
"lang": "es",
"value": "En Tor, en versiones anteriores a la 0.2.5.16; de la versi\u00f3n 0.2.6 hasta la 0.2.8 anterior a la 0.2.8.17, versiones 0.2.9 anteriores a la 0.2.9.14; versiones 0.3.0 anteriores a la 0.3.0.13 y versiones 0.3.1 anteriores a la 0.3.1.9, los atacantes remotos pueden provocar una denegaci\u00f3n de servicio (desreferencia de puntero NULL y cierre inesperado de la aplicaci\u00f3n) contra autoridades de directorio mediante un descriptor mal formado. Esto tambi\u00e9n se conoce como TROVE-2017-010."
}
],
"id": "CVE-2017-8820",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-03T07:29:00.333",
"references": [
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.torproject.org/24245"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.torproject.org/24245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-12-03 07:29
Modified
2025-04-20 01:37
Severity ?
Summary
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to trigger this issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tor_project | tor | * | |
| tor_project | tor | * | |
| tor_project | tor | * | |
| tor_project | tor | * | |
| tor_project | tor | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "067DE048-F786-4E63-98E6-6FD6415DD3A5",
"versionEndExcluding": "0.2.5.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5372249B-59F8-4866-B4D3-F52980FCC269",
"versionEndExcluding": "0.2.8.17",
"versionStartIncluding": "0.2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0739CCD-DE8F-4A44-91CD-986C4644045F",
"versionEndExcluding": "0.2.9.14",
"versionStartIncluding": "0.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E623D0FC-453C-4D7A-8328-C4C252EEC976",
"versionEndExcluding": "0.3.0.13",
"versionStartIncluding": "0.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "249879F0-6A12-41C2-9559-020021080696",
"versionEndExcluding": "0.3.1.9",
"versionStartIncluding": "0.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to trigger this issue."
},
{
"lang": "es",
"value": "En Tor, en versiones anteriores a la 0.2.5.16; de la versi\u00f3n 0.2.6 hasta la 0.2.8 anterior a la 0.2.8.17; versiones 0.2.9 anteriores a la 0.2.9.14; versiones 0.3.0 anteriores a la 0.3.0.13 y versiones 0.3.1 anteriores a la 0.3.1.9, el mecanismo de protecci\u00f3n del cach\u00e9 de reproducci\u00f3n no funciona para servicios onion v2. Esto tambi\u00e9n se conoce como TROVE-2017-009. Un atacante puede enviar m\u00faltiples celdas INTRODUCE2 para desencadenar este problema."
}
],
"id": "CVE-2017-8819",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-03T07:29:00.303",
"references": [
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.torproject.org/24244"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.torproject.org/24244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-12-03 07:29
Modified
2025-04-20 01:37
Severity ?
Summary
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can cause a denial of service (application hang) via crafted PEM input that signifies a public key requiring a password, which triggers an attempt by the OpenSSL library to ask the user for the password, aka TROVE-2017-011.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tor_project | tor | * | |
| tor_project | tor | * | |
| tor_project | tor | * | |
| tor_project | tor | * | |
| tor_project | tor | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "067DE048-F786-4E63-98E6-6FD6415DD3A5",
"versionEndExcluding": "0.2.5.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5372249B-59F8-4866-B4D3-F52980FCC269",
"versionEndExcluding": "0.2.8.17",
"versionStartIncluding": "0.2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0739CCD-DE8F-4A44-91CD-986C4644045F",
"versionEndExcluding": "0.2.9.14",
"versionStartIncluding": "0.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E623D0FC-453C-4D7A-8328-C4C252EEC976",
"versionEndExcluding": "0.3.0.13",
"versionStartIncluding": "0.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "249879F0-6A12-41C2-9559-020021080696",
"versionEndExcluding": "0.3.1.9",
"versionStartIncluding": "0.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can cause a denial of service (application hang) via crafted PEM input that signifies a public key requiring a password, which triggers an attempt by the OpenSSL library to ask the user for the password, aka TROVE-2017-011."
},
{
"lang": "es",
"value": "En Tor, en versiones anteriores a la 0.2.5.16; de la versi\u00f3n 0.2.6 hasta la 0.2.8 anterior a la 0.2.8.17; versiones 0.2.9 anteriores a la 0.2.9.14; versiones 0.3.0 anteriores a la 0.3.0.13 y versiones 0.3.1 anteriores a la 0.3.1.9, un atacante puede provocar una denegaci\u00f3n de servicio (bloqueo de la aplicaci\u00f3n) mediante una entrada PEM manipulada que represente una clave p\u00fablica que requiera una contrase\u00f1a. Esto da lugar a que la biblioteca Open SSLE intente preguntar la contrase\u00f1a al usuario. Esto tambi\u00e9n se conoce como TROVE-2017-011."
}
],
"id": "CVE-2017-8821",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-03T07:29:00.380",
"references": [
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.torproject.org/24246"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.torproject.org/24246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-12-03 07:29
Modified
2025-04-20 01:37
Severity ?
Summary
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity, aka TROVE-2017-012.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@debian.org | https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516 | Vendor Advisory | |
| security@debian.org | https://bugs.torproject.org/21534 | Issue Tracking, Vendor Advisory | |
| security@debian.org | https://bugs.torproject.org/24333 | Vendor Advisory | |
| security@debian.org | https://www.debian.org/security/2017/dsa-4054 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.torproject.org/21534 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.torproject.org/24333 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2017/dsa-4054 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tor_project | tor | * | |
| tor_project | tor | * | |
| tor_project | tor | * | |
| tor_project | tor | * | |
| tor_project | tor | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "067DE048-F786-4E63-98E6-6FD6415DD3A5",
"versionEndExcluding": "0.2.5.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5372249B-59F8-4866-B4D3-F52980FCC269",
"versionEndExcluding": "0.2.8.17",
"versionStartIncluding": "0.2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0739CCD-DE8F-4A44-91CD-986C4644045F",
"versionEndExcluding": "0.2.9.14",
"versionStartIncluding": "0.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E623D0FC-453C-4D7A-8328-C4C252EEC976",
"versionEndExcluding": "0.3.0.13",
"versionStartIncluding": "0.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "249879F0-6A12-41C2-9559-020021080696",
"versionEndExcluding": "0.3.1.9",
"versionStartIncluding": "0.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity, aka TROVE-2017-012."
},
{
"lang": "es",
"value": "En Tor, en versiones anteriores a la 0.2.5.16; de la versi\u00f3n 0.2.6 hasta la 0.2.8 anterior a la 0.2.8.17; versiones 0.2.9 anteriores a la 0.2.9.14; versiones 0.3.0 anteriores a la 0.3.0.13 y versiones 0.3.1 anteriores a la 0.3.1.9, los relays (que contienen descriptores descargados de forma incompleta) pueden escogerse a s\u00ed mismos en una ruta, lo que da lugar a una degradaci\u00f3n de anonimato. Esto tambi\u00e9n se conoce como TROVE-2017-012."
}
],
"id": "CVE-2017-8822",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-03T07:29:00.413",
"references": [
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"source": "security@debian.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.torproject.org/21534"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.torproject.org/24333"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.torproject.org/21534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.torproject.org/24333"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-417"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-12-03 07:29
Modified
2025-04-20 01:37
Severity ?
Summary
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged in certain error cases, aka TROVE-2017-013.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@debian.org | https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516 | Vendor Advisory | |
| security@debian.org | https://bugs.torproject.org/24313 | Issue Tracking, Vendor Advisory | |
| security@debian.org | https://bugs.torproject.org/24430 | Vendor Advisory | |
| security@debian.org | https://www.debian.org/security/2017/dsa-4054 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.torproject.org/24313 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.torproject.org/24430 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2017/dsa-4054 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tor_project | tor | * | |
| tor_project | tor | * | |
| tor_project | tor | * | |
| tor_project | tor | * | |
| tor_project | tor | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "067DE048-F786-4E63-98E6-6FD6415DD3A5",
"versionEndExcluding": "0.2.5.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5372249B-59F8-4866-B4D3-F52980FCC269",
"versionEndExcluding": "0.2.8.17",
"versionStartIncluding": "0.2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0739CCD-DE8F-4A44-91CD-986C4644045F",
"versionEndExcluding": "0.2.9.14",
"versionStartIncluding": "0.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E623D0FC-453C-4D7A-8328-C4C252EEC976",
"versionEndExcluding": "0.3.0.13",
"versionStartIncluding": "0.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tor_project:tor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "249879F0-6A12-41C2-9559-020021080696",
"versionEndExcluding": "0.3.1.9",
"versionStartIncluding": "0.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged in certain error cases, aka TROVE-2017-013."
},
{
"lang": "es",
"value": "En Tor, en versiones anteriores a la 0.2.5.16; de la versi\u00f3n 0.2.6 hasta la 0.2.8 anterior a la 0.2.8.17: versiones 0.2.9 anteriores a la 0.2.9.14; versiones 0.3.0 anteriores a la 0.3.0.13 y versiones 0.3.1 anteriores a la 0.3.1.9, existe un uso de memoria previamente liberada en el servicio onion v2 durante la expiraci\u00f3n del nodo de entrada, debido a que la lista de expiraci\u00f3n se gestiona de manera incorrecta en ciertos casos de error. Esto tambi\u00e9n se conoce como TROVE-2017-013."
}
],
"id": "CVE-2017-8823",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-03T07:29:00.443",
"references": [
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"source": "security@debian.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.torproject.org/24313"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.torproject.org/24430"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.torproject.org/24313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.torproject.org/24430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2017-8821 (GCVE-0-2017-8821)
Vulnerability from cvelistv5
Published
2017-12-03 07:00
Modified
2024-08-05 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- application hang
Summary
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can cause a denial of service (application hang) via crafted PEM input that signifies a public key requiring a password, which triggers an attempt by the OpenSSL library to ask the user for the password, aka TROVE-2017-011.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9 |
Version: Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:48:22.407Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"name": "DSA-4054",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.torproject.org/24246"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9"
}
]
}
],
"datePublic": "2017-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can cause a denial of service (application hang) via crafted PEM input that signifies a public key requiring a password, which triggers an attempt by the OpenSSL library to ask the user for the password, aka TROVE-2017-011."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "application hang",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-04T10:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"name": "DSA-4054",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.torproject.org/24246"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2017-8821",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9",
"version": {
"version_data": [
{
"version_value": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can cause a denial of service (application hang) via crafted PEM input that signifies a public key requiring a password, which triggers an attempt by the OpenSSL library to ask the user for the password, aka TROVE-2017-011."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "application hang"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516",
"refsource": "CONFIRM",
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"name": "DSA-4054",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4054"
},
{
"name": "https://bugs.torproject.org/24246",
"refsource": "CONFIRM",
"url": "https://bugs.torproject.org/24246"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2017-8821",
"datePublished": "2017-12-03T07:00:00",
"dateReserved": "2017-05-07T00:00:00",
"dateUpdated": "2024-08-05T16:48:22.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8820 (GCVE-0-2017-8820)
Vulnerability from cvelistv5
Published
2017-12-03 07:00
Modified
2024-08-05 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service (NULL pointer dereference and application crash) against directory authorities via a malformed descriptor, aka TROVE-2017-010.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9 |
Version: Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:48:22.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"name": "DSA-4054",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.torproject.org/24245"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9"
}
]
}
],
"datePublic": "2017-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service (NULL pointer dereference and application crash) against directory authorities via a malformed descriptor, aka TROVE-2017-010."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-04T10:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"name": "DSA-4054",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.torproject.org/24245"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2017-8820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9",
"version": {
"version_data": [
{
"version_value": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service (NULL pointer dereference and application crash) against directory authorities via a malformed descriptor, aka TROVE-2017-010."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516",
"refsource": "CONFIRM",
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"name": "DSA-4054",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4054"
},
{
"name": "https://bugs.torproject.org/24245",
"refsource": "CONFIRM",
"url": "https://bugs.torproject.org/24245"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2017-8820",
"datePublished": "2017-12-03T07:00:00",
"dateReserved": "2017-05-07T00:00:00",
"dateUpdated": "2024-08-05T16:48:22.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8823 (GCVE-0-2017-8823)
Vulnerability from cvelistv5
Published
2017-12-03 07:00
Modified
2024-08-05 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- use-after-free
Summary
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged in certain error cases, aka TROVE-2017-013.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9 |
Version: Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:48:22.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.torproject.org/24313"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.torproject.org/24430"
},
{
"name": "DSA-4054",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9"
}
]
}
],
"datePublic": "2017-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged in certain error cases, aka TROVE-2017-013."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "use-after-free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-04T10:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.torproject.org/24313"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.torproject.org/24430"
},
{
"name": "DSA-4054",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2017-8823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9",
"version": {
"version_data": [
{
"version_value": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged in certain error cases, aka TROVE-2017-013."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "use-after-free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.torproject.org/24313",
"refsource": "CONFIRM",
"url": "https://bugs.torproject.org/24313"
},
{
"name": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516",
"refsource": "CONFIRM",
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"name": "https://bugs.torproject.org/24430",
"refsource": "CONFIRM",
"url": "https://bugs.torproject.org/24430"
},
{
"name": "DSA-4054",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2017-8823",
"datePublished": "2017-12-03T07:00:00",
"dateReserved": "2017-05-07T00:00:00",
"dateUpdated": "2024-08-05T16:48:22.276Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8819 (GCVE-0-2017-8819)
Vulnerability from cvelistv5
Published
2017-12-03 07:00
Modified
2024-08-05 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- broken protection mechanism
Summary
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to trigger this issue.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9 |
Version: Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:48:21.743Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.torproject.org/24244"
},
{
"name": "DSA-4054",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9"
}
]
}
],
"datePublic": "2017-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to trigger this issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "broken protection mechanism",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-04T10:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.torproject.org/24244"
},
{
"name": "DSA-4054",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2017-8819",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9",
"version": {
"version_data": [
{
"version_value": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to trigger this issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "broken protection mechanism"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516",
"refsource": "CONFIRM",
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"name": "https://bugs.torproject.org/24244",
"refsource": "CONFIRM",
"url": "https://bugs.torproject.org/24244"
},
{
"name": "DSA-4054",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2017-8819",
"datePublished": "2017-12-03T07:00:00",
"dateReserved": "2017-05-07T00:00:00",
"dateUpdated": "2024-08-05T16:48:21.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8822 (GCVE-0-2017-8822)
Vulnerability from cvelistv5
Published
2017-12-03 07:00
Modified
2024-08-05 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- loss of anonymity
Summary
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity, aka TROVE-2017-012.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9 |
Version: Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:48:21.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.torproject.org/21534"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.torproject.org/24333"
},
{
"name": "DSA-4054",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9"
}
]
}
],
"datePublic": "2017-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity, aka TROVE-2017-012."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "loss of anonymity",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-04T10:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.torproject.org/21534"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.torproject.org/24333"
},
{
"name": "DSA-4054",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2017-8822",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9",
"version": {
"version_data": [
{
"version_value": "Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity, aka TROVE-2017-012."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "loss of anonymity"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.torproject.org/21534",
"refsource": "CONFIRM",
"url": "https://bugs.torproject.org/21534"
},
{
"name": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516",
"refsource": "CONFIRM",
"url": "https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516"
},
{
"name": "https://bugs.torproject.org/24333",
"refsource": "CONFIRM",
"url": "https://bugs.torproject.org/24333"
},
{
"name": "DSA-4054",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2017-8822",
"datePublished": "2017-12-03T07:00:00",
"dateReserved": "2017-05-07T00:00:00",
"dateUpdated": "2024-08-05T16:48:21.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}