CVE-2007-3165 — TOR vulnerability

6 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

0.4%

top 36.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Torproject TOR TOR

Timeline

PublishedJun 11

Latest updateMay 1

Description

Tor before 0.1.2.14 can construct circuits in which an entry guard is in the same family as the exit node, which might compromise the anonymity of traffic sources and destinations by exposing traffic to inappropriate remote observers.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶Debiantorproject/tor< 0.1.2.14-1+3

▶NVDtor/tor24 versions+23

Patches

Patch: secunia.com ↗Patch: www.securityfocus.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-p2h5-374v-r86q: Tor before 0↗2022-05-01

▶

OSV

CVE-2007-3165: Tor before 0↗2007-06-11

▶

CVEList

CVE-2007-3165: Tor before 0↗2007-06-11

▶

📋Vendor Advisories

Debian

CVE-2007-3165: tor - Tor before 0.1.2.14 can construct circuits in which an entry guard is in the sam...↗2007

▶

💬Community

Bugzilla

CVE-2007-3165: tor < 0.1.2.14 information disclosure↗2007-06-16

▶