CVE-2006-3407TOR vulnerability

5 documents5 sources
Severity
6.4MEDIUMNVD
EPSS
0.8%
top 26.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Torproject TORTOR
Timeline
PublishedJul 7
Latest updateMay 1

Description

Tor before 0.1.1.20 allows remote attackers to spoof log entries or possibly execute shell code via strings with non-printable characters.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages2 packages

Debiantorproject/tor< 0.1.1.20-1+3
NVDtor/tor68 versions+67

Patches

Patch: secunia.comPatch: secunia.comPatch: security.gentoo.org

🔴Vulnerability Details

3
GHSA
GHSA-93m4-v97h-82q2: Tor before 02022-05-01
CVEList
CVE-2006-3407: Tor before 02006-07-07
OSV
CVE-2006-3407: Tor before 02006-07-07

📋Vendor Advisories

1
Debian
CVE-2006-3407: tor - Tor before 0.1.1.20 allows remote attackers to spoof log entries or possibly exe...2006
CVE-2006-3407 — TOR vulnerability | cvebase