CVE-2006-3411
published 2006-07-07CVE-2006-3411: TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote attackers…
medium6.4CVSS 3.1
AVNACLAuNCPIPAN
TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote attackers to conduct brute force attacks on the encryption keys.
Affected
73 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tor | < tor 0.1.1.20-1 (bookworm) | tor 0.1.1.20-1 (bookworm) |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
CVSS provenance
nvd6.4MEDIUMAV:N/AC:L/Au:N/C:P/I:P/A:N
osv6.4MEDIUM