CVE-2011-4894
published 2011-12-23CVE-2011-4894: Tor before 0.2.2.34, when configured as a bridge, uses direct DirPort access instead of a Tor TLS connection for a directory fetch, which makes it easier for…
medium4.3CVSS 3.1
AVNACMAuNCPINAN
Tor before 0.2.2.34, when configured as a bridge, uses direct DirPort access instead of a Tor TLS connection for a directory fetch, which makes it easier for remote attackers to enumerate bridges by observing DirPort connections.
Affected
210 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tor | < tor 0.2.2.34-1 (bookworm) | tor 0.2.2.34-1 (bookworm) |
| tor | tor | <= 0.2.2.33 | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
| tor | tor | — | — |
CVSS provenance
nvd4.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
osv4.3MEDIUM