CVE-2015-2928Reachable Assertion in TOR

8 documents6 sources
Severity
7.5HIGHNVD
EPSS
0.7%
top 27.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Torproject TORTHE TOR Project TOR
Timeline
PublishedJan 24
Latest updateMay 24

Description

The Hidden Service (HS) server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

NVDtorproject/tor0.2.5.10.2.5.12+2
Debiantorproject/tor< 0.2.5.12-1+3
CVEListV5the_tor_project/tor0.2.5.x before 0.2.5.12, 0.2.6.x before 0.2.6.7, before 0.2.4.27+2

🔴Vulnerability Details

3
GHSA
GHSA-f48h-2gff-477g: The Hidden Service (HS) server implementation in Tor before 02022-05-24
CVEList
CVE-2015-2928: The Hidden Service (HS) server implementation in Tor before 02020-01-24
OSV
CVE-2015-2928: The Hidden Service (HS) server implementation in Tor before 02020-01-24

📋Vendor Advisories

1
Debian
CVE-2015-2928: tor - The Hidden Service (HS) server implementation in Tor before 0.2.4.27, 0.2.5.x be...2015

💬Community

3
Bugzilla
CVE-2015-2928 CVE-2015-2929 tor: multiple issues fixed in the new upstream releases [epel-all]2015-04-08
Bugzilla
CVE-2015-2928 CVE-2015-2929 tor: multiple issues fixed in the new upstream releases2015-04-08
Bugzilla
CVE-2015-2928 CVE-2015-2929 tor: multiple issues fixed in the new upstream releases [fedora-all]2015-04-08
CVE-2015-2928 — Reachable Assertion in Torproject TOR | cvebase