CVE-2006-3413 — TOR vulnerability

5 documents5 sources

Severity

5.0MEDIUMNVD

EPSS

0.4%

top 41.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Torproject TOR TOR

Timeline

PublishedJul 7

Latest updateMay 1

Description

The privoxy configuration file in Tor before 0.1.1.20, when run on Apple OS X, logs all data via the "logfile", which allows attackers to obtain potentially sensitive information.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶Debiantorproject/tor< 0.1.1.20-1+3

▶NVDtor/tor68 versions+67

Patches

Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-gvjj-rw87-3637: The privoxy configuration file in Tor before 0↗2022-05-01

▶

OSV

CVE-2006-3413: The privoxy configuration file in Tor before 0↗2006-07-07

▶

CVEList

CVE-2006-3413: The privoxy configuration file in Tor before 0↗2006-07-07

▶

📋Vendor Advisories

Debian

CVE-2006-3413: tor - The privoxy configuration file in Tor before 0.1.1.20, when run on Apple OS X, l...↗2006

▶