CVE-2006-6893 (GCVE-0-2006-6893)
Vulnerability from cvelistv5
Published
2007-01-08 20:00
Modified
2024-09-17 04:24
Severity ?
CWE
  • n/a
Summary
Tor allows remote attackers to discover the IP address of a hidden service by accessing this service at a high rate, thereby changing the server's CPU temperature and consequently changing the pattern of time values visible through (1) ICMP timestamps, (2) TCP sequence numbers, and (3) TCP timestamps, a different vulnerability than CVE-2006-0414. NOTE: it could be argued that this is a laws-of-physics vulnerability that is a fundamental design limitation of certain hardware implementations, so perhaps this issue should not be included in CVE.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:42:07.539Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://events.ccc.de/congress/2006/Fahrplan/events/1513.en.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.lightbluetouchpaper.org/2006/09/04/hot-or-not-revealing-hidden-services-by-their-clock-skew/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Tor allows remote attackers to discover the IP address of a hidden service by accessing this service at a high rate, thereby changing the server\u0027s CPU temperature and consequently changing the pattern of time values visible through (1) ICMP timestamps, (2) TCP sequence numbers, and (3) TCP timestamps, a different vulnerability than CVE-2006-0414. NOTE: it could be argued that this is a laws-of-physics vulnerability that is a fundamental design limitation of certain hardware implementations, so perhaps this issue should not be included in CVE."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-01-08T20:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://events.ccc.de/congress/2006/Fahrplan/events/1513.en.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.lightbluetouchpaper.org/2006/09/04/hot-or-not-revealing-hidden-services-by-their-clock-skew/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-6893",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Tor allows remote attackers to discover the IP address of a hidden service by accessing this service at a high rate, thereby changing the server\u0027s CPU temperature and consequently changing the pattern of time values visible through (1) ICMP timestamps, (2) TCP sequence numbers, and (3) TCP timestamps, a different vulnerability than CVE-2006-0414. NOTE: it could be argued that this is a laws-of-physics vulnerability that is a fundamental design limitation of certain hardware implementations, so perhaps this issue should not be included in CVE."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://events.ccc.de/congress/2006/Fahrplan/events/1513.en.html",
              "refsource": "MISC",
              "url": "http://events.ccc.de/congress/2006/Fahrplan/events/1513.en.html"
            },
            {
              "name": "http://www.lightbluetouchpaper.org/2006/09/04/hot-or-not-revealing-hidden-services-by-their-clock-skew/",
              "refsource": "MISC",
              "url": "http://www.lightbluetouchpaper.org/2006/09/04/hot-or-not-revealing-hidden-services-by-their-clock-skew/"
            },
            {
              "name": "http://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf",
              "refsource": "MISC",
              "url": "http://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-6893",
    "datePublished": "2007-01-08T20:00:00Z",
    "dateReserved": "2007-01-08T00:00:00Z",
    "dateUpdated": "2024-09-17T04:24:29.119Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-6893\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-12-31T05:00:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Tor allows remote attackers to discover the IP address of a hidden service by accessing this service at a high rate, thereby changing the server\u0027s CPU temperature and consequently changing the pattern of time values visible through (1) ICMP timestamps, (2) TCP sequence numbers, and (3) TCP timestamps, a different vulnerability than CVE-2006-0414. NOTE: it could be argued that this is a laws-of-physics vulnerability that is a fundamental design limitation of certain hardware implementations, so perhaps this issue should not be included in CVE.\"},{\"lang\":\"es\",\"value\":\"Tor permite a atacantes remotos descubrir la direcci\u00f3n IP de un servicio oculto accediendo a este servicio a un alto ritmo de repetici\u00f3n, y por tanto cambiando la temperatura de la CPU y consecuentemente cambiando el patr\u00f3n de valores de tiempo visibles a trav\u00e9s de (1) marcas de tiempo ICMP, (2) n\u00fameros de secuencia TCP,  y (3) marcas de tiempo TCP, una vulnerabilidad distinta de CVE-2006-0414. NOTA: podr\u00eda argumentarse que esto es una vulnerabilidad de las leyes de la f\u00edsica que es una limitaci\u00f3n fundamental de dise\u00f1o de determinadas implementaciones de hardware, por tanto quiz\u00e1s este problema no deber\u00eda ser incluido en CVE.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tor:tor:0.1.1.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB51EE46-D720-4C1F-8992-67F4422E43CB\"}]}]}],\"references\":[{\"url\":\"http://events.ccc.de/congress/2006/Fahrplan/events/1513.en.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.lightbluetouchpaper.org/2006/09/04/hot-or-not-revealing-hidden-services-by-their-clock-skew/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://events.ccc.de/congress/2006/Fahrplan/events/1513.en.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.lightbluetouchpaper.org/2006/09/04/hot-or-not-revealing-hidden-services-by-their-clock-skew/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.