CVE-2007-1103
published 2007-02-26CVE-2007-1103: Tor does not verify a node's uptime and bandwidth advertisements, which allows remote attackers who operate a low resource node to make false claims of greater…
medium4.3CVSS 3.1
AVNACMAuNCPINAN
Tor does not verify a node's uptime and bandwidth advertisements, which allows remote attackers who operate a low resource node to make false claims of greater resources, which places the node into use for many circuits and compromises the anonymity of traffic sources and destinations.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tor | — | — |
| tor | tor | <= 0.1.1.26 | — |
CVSS provenance
nvd4.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
osv4.3MEDIUM