Search

Find a vulnerability

Search criteria

    136 vulnerabilities found for tor by tor

    VAR-201709-0618

    Vulnerability from variot - Updated: 2025-04-20 23:23

    The rend_service_intro_established function in or/rendservice.c in Tor before 0.2.8.15, 0.2.9.x before 0.2.9.12, 0.3.0.x before 0.3.0.11, 0.3.1.x before 0.3.1.7, and 0.3.2.x before 0.3.2.1-alpha, when SafeLogging is disabled, allows attackers to obtain sensitive information by leveraging access to the log files of a hidden service, because uninitialized stack data is included in an error message about construction of an introduction point circuit. Tor Contains a vulnerability related to information disclosure from log files.Information may be obtained. Tor is an implementation of the second generation of onion routing, which is mainly used to access the Internet anonymously. Tor is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512


    Debian Security Advisory DSA-3993-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 06, 2017 https://www.debian.org/security/faq


    Package : tor CVE ID : CVE-2017-0380

    It was discovered that the Tor onion service could leak sensitive information to log files if the "SafeLogging" option is set to "0".

    The oldstable distribution (jessie) is not affected.

    For the stable distribution (stretch), this problem has been fixed in version 0.2.9.12-1.

    We recommend that you upgrade your tor packages.

    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlnX+bUACgkQEMKTtsN8 Tjb5ehAAnG7JAqEQtjrUAenUy9wZtmsqA5AtFf6goHCw9uYZ0Co2rAZbRQYKeerw z9TtW/gyKZdYSmY2jd82E9rJTHfuNX7J37LIfNqb8CMLf+eW5shnqghPX+R+MfXU q99ufaKpdDrK8ZRg3ECXpvHXLyzgYvlm8KAX/6bnv0Kt6nNvE3LCDSXvDjGcGuX/ VEnfZMk6GnxlIp/op3uXPYQYKm7BrModTMx7iKoTlBwhdlxh8MwTBsrEH+aQvIUo ZCqqOdU31Av6OngBmIwnkFPq/4FjXvS/lkmpXP6y6g7RCIAc8yf72wk0lNR5OqBX 2svQyr5ZqBH3fCM9eSDUV4nBvC8xUEETZQpMZRUqlF/SJcO33Jh+R+UE3HHh1Imy ozoxnx+qiKUWoUuSXnPCetXKaWH3alJXkp2JDsmoSAVwW/VBeGylsuQ2nAeYTcOb fdpXRqrL+w/w7VXCIAJ3bCN5N8j6otRtMUAntHgXfqxx72Zk5MQrco7aiPvLzten VyKYFxQiRcBV/JFR37Unklkgf4TNxwXhgVe8M6AiVvyyRcH0v8zEKn7HX53h+fSM W27BweGIE9qpOQlo1m8XiQml/3J8aJhAbvuwRoIoiwKb9Xos6+YdxCqDOJiFArk3 ozt2+7pKmawWD3dJotVIu8tOMOC8lYdP5H0YLy6Qt3X3+zm1x3g= =7kef -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201709-0618",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "torproject",
            "version": "0.3.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "torproject",
            "version": "0.3.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.3.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.3.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.3.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.3.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.3.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.3.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.3.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.3.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "torproject",
            "version": "0.3.0.0"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "torproject",
            "version": "0.2.9.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "torproject",
            "version": "0.2.9.0"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.3.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.9.1"
          },
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.8.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.3.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.3.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.3.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.3.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.3.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.3.0.3"
          },
          {
            "model": "tor",
            "scope": null,
            "trust": 0.8,
            "vendor": "the tor",
            "version": null
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.8.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.9.*,\u003c0.2.9.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.3.0.*,\u003c0.3.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.3.1.*,\u003c0.3.1.7"
          },
          {
            "model": "0.3.2.*,\u003c0.3.2.1-alpha",
            "scope": null,
            "trust": 0.6,
            "vendor": "tor",
            "version": null
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "torproject",
            "version": "0.3.1.0"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "torproject",
            "version": "0.2.8.14"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "tor 0.3.2.1-alpha",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "torproject",
            "version": null
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "torproject",
            "version": "0.3.1.7"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "torproject",
            "version": "0.3.0.11"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "torproject",
            "version": "0.2.9.12"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "torproject",
            "version": "0.2.8.15"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-34623"
          },
          {
            "db": "BID",
            "id": "101222"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008306"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-858"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-0380"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008306"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported this issue.",
        "sources": [
          {
            "db": "BID",
            "id": "101222"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-0380",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-0380",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2017-34623",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.2,
                "id": "CVE-2017-0380",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-0380",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-0380",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-34623",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201709-858",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-34623"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008306"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-858"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-0380"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The rend_service_intro_established function in or/rendservice.c in Tor before 0.2.8.15, 0.2.9.x before 0.2.9.12, 0.3.0.x before 0.3.0.11, 0.3.1.x before 0.3.1.7, and 0.3.2.x before 0.3.2.1-alpha, when SafeLogging is disabled, allows attackers to obtain sensitive information by leveraging access to the log files of a hidden service, because uninitialized stack data is included in an error message about construction of an introduction point circuit. Tor Contains a vulnerability related to information disclosure from log files.Information may be obtained. Tor is an implementation of the second generation of onion routing, which is mainly used to access the Internet anonymously. Tor is prone to an information-disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3993-1                   security@debian.org\nhttps://www.debian.org/security/                       Moritz Muehlenhoff\nOctober 06, 2017                      https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage        : tor\nCVE ID         : CVE-2017-0380\n\nIt was discovered that the Tor onion service could leak sensitive\ninformation to log files if the \"SafeLogging\" option is set to \"0\". \n\nThe oldstable distribution (jessie) is not affected. \n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 0.2.9.12-1. \n\nWe recommend that you upgrade your tor packages. \n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlnX+bUACgkQEMKTtsN8\nTjb5ehAAnG7JAqEQtjrUAenUy9wZtmsqA5AtFf6goHCw9uYZ0Co2rAZbRQYKeerw\nz9TtW/gyKZdYSmY2jd82E9rJTHfuNX7J37LIfNqb8CMLf+eW5shnqghPX+R+MfXU\nq99ufaKpdDrK8ZRg3ECXpvHXLyzgYvlm8KAX/6bnv0Kt6nNvE3LCDSXvDjGcGuX/\nVEnfZMk6GnxlIp/op3uXPYQYKm7BrModTMx7iKoTlBwhdlxh8MwTBsrEH+aQvIUo\nZCqqOdU31Av6OngBmIwnkFPq/4FjXvS/lkmpXP6y6g7RCIAc8yf72wk0lNR5OqBX\n2svQyr5ZqBH3fCM9eSDUV4nBvC8xUEETZQpMZRUqlF/SJcO33Jh+R+UE3HHh1Imy\nozoxnx+qiKUWoUuSXnPCetXKaWH3alJXkp2JDsmoSAVwW/VBeGylsuQ2nAeYTcOb\nfdpXRqrL+w/w7VXCIAJ3bCN5N8j6otRtMUAntHgXfqxx72Zk5MQrco7aiPvLzten\nVyKYFxQiRcBV/JFR37Unklkgf4TNxwXhgVe8M6AiVvyyRcH0v8zEKn7HX53h+fSM\nW27BweGIE9qpOQlo1m8XiQml/3J8aJhAbvuwRoIoiwKb9Xos6+YdxCqDOJiFArk3\nozt2+7pKmawWD3dJotVIu8tOMOC8lYdP5H0YLy6Qt3X3+zm1x3g=\n=7kef\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-0380"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008306"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-34623"
          },
          {
            "db": "BID",
            "id": "101222"
          },
          {
            "db": "PACKETSTORM",
            "id": "144540"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-0380",
            "trust": 3.4
          },
          {
            "db": "SECTRACK",
            "id": "1039519",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008306",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-34623",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "37666",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-858",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "101222",
            "trust": 0.3
          },
          {
            "db": "PACKETSTORM",
            "id": "144540",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-34623"
          },
          {
            "db": "BID",
            "id": "101222"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008306"
          },
          {
            "db": "PACKETSTORM",
            "id": "144540"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-858"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-0380"
          }
        ]
      },
      "id": "VAR-201709-0618",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-34623"
          }
        ],
        "trust": 1.6
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-34623"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:23:36.659000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Fix log-uninitialized-stack bug in rend_service_intro_established.",
            "trust": 0.8,
            "url": "https://github.com/torproject/tor/commit/09ea89764a4d3a907808ed7d4fe42abfe64bd486"
          },
          {
            "title": "Fix TROVE-2017-008: Stack disclosure in hidden services logs when SafeLogging disabled",
            "trust": 0.8,
            "url": "https://trac.torproject.org/projects/tor/ticket/23490"
          },
          {
            "title": "Patch for Tor \u0027rend_service_intro_established\u0027 function sensitive information disclosure vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/106424"
          },
          {
            "title": "Tor Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74964"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-34623"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008306"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-858"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-532",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008306"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-0380"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.9,
            "url": "https://github.com/torproject/tor/commit/09ea89764a4d3a907808ed7d4fe42abfe64bd486"
          },
          {
            "trust": 1.9,
            "url": "https://trac.torproject.org/projects/tor/ticket/23490"
          },
          {
            "trust": 1.0,
            "url": "http://www.securitytracker.com/id/1039519"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2017/dsa-3993"
          },
          {
            "trust": 0.9,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-0380"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0380"
          },
          {
            "trust": 0.6,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0380"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/37666"
          },
          {
            "trust": 0.3,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493513"
          },
          {
            "trust": 0.3,
            "url": "https://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-34623"
          },
          {
            "db": "BID",
            "id": "101222"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008306"
          },
          {
            "db": "PACKETSTORM",
            "id": "144540"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-858"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-0380"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-34623"
          },
          {
            "db": "BID",
            "id": "101222"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008306"
          },
          {
            "db": "PACKETSTORM",
            "id": "144540"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-858"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-0380"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-34623"
          },
          {
            "date": "2017-09-18T00:00:00",
            "db": "BID",
            "id": "101222"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008306"
          },
          {
            "date": "2017-10-09T15:42:49",
            "db": "PACKETSTORM",
            "id": "144540"
          },
          {
            "date": "2017-09-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-858"
          },
          {
            "date": "2017-09-18T16:29:00.207000",
            "db": "NVD",
            "id": "CVE-2017-0380"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-34623"
          },
          {
            "date": "2017-09-18T00:00:00",
            "db": "BID",
            "id": "101222"
          },
          {
            "date": "2017-10-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-008306"
          },
          {
            "date": "2017-09-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201709-858"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-0380"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-858"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor Vulnerable to information disclosure from log files",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-008306"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201709-858"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201112-0163

    Vulnerability from variot - Updated: 2025-04-11 23:20

    Tor before 0.2.2.34, when configured as a bridge, uses direct DirPort access instead of a Tor TLS connection for a directory fetch, which makes it easier for remote attackers to enumerate bridges by observing DirPort connections. Tor is prone to a bridge enumeration weakness. Successful exploits will allow attackers to obtain sensitive information to launch further attacks. Versions prior to Tor 0.2.2.34 are vulnerable

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201112-0163",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.14"
          },
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.19"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.34"
          },
          {
            "model": ".21-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".20-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".19-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".18-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".17-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".16-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".15-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".14-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.214"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.123"
          },
          {
            "model": ".5-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".4-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".3-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".2-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".1-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.118"
          },
          {
            "model": "alpha-cvs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2.34"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "51278"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003515"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-430"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4894"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003515"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported this issue.",
        "sources": [
          {
            "db": "BID",
            "id": "51278"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2011-4894",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2011-4894",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-4894",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-4894",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201112-430",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003515"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-430"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4894"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor before 0.2.2.34, when configured as a bridge, uses direct DirPort access instead of a Tor TLS connection for a directory fetch, which makes it easier for remote attackers to enumerate bridges by observing DirPort connections. Tor is prone to a bridge enumeration weakness. \nSuccessful exploits will allow attackers to obtain sensitive information to launch further attacks. \nVersions prior to Tor 0.2.2.34 are vulnerable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-4894"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003515"
          },
          {
            "db": "BID",
            "id": "51278"
          }
        ],
        "trust": 1.89
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-4894",
            "trust": 2.7
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003515",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-430",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "51278",
            "trust": 0.3
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "51278"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003515"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-430"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4894"
          }
        ]
      },
      "id": "VAR-201112-0163",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4086538599999999
      },
      "last_update_date": "2025-04-11T23:20:42.851000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Tor 0.2.2.34 is released (security patches)",
            "trust": 0.8,
            "url": "https://blog.torproject.org/blog/tor-02234-released-security-patches"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003515"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003515"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4894"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.9,
            "url": "https://blog.torproject.org/blog/tor-02234-released-security-patches"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4894"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4894"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "51278"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003515"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-430"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4894"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "51278"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003515"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-430"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4894"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-10-27T00:00:00",
            "db": "BID",
            "id": "51278"
          },
          {
            "date": "2011-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-003515"
          },
          {
            "date": "2011-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201112-430"
          },
          {
            "date": "2011-12-23T03:59:22.067000",
            "db": "NVD",
            "id": "CVE-2011-4894"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-10-27T00:00:00",
            "db": "BID",
            "id": "51278"
          },
          {
            "date": "2011-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-003515"
          },
          {
            "date": "2011-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201112-430"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-4894"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-430"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor Enumerated bridge vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003515"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-430"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201112-0161

    Vulnerability from variot - Updated: 2025-04-11 23:18

    Tor before 0.2.2.25-alpha, when configured as a relay without the Nickname configuration option, uses the local hostname as the Nickname value, which allows remote attackers to obtain potentially sensitive information by reading this value. Tor is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information to launch further attacks. Versions prior to Tor 0.2.2.25 are vulnerable

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201112-0161",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.25"
          },
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.19"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.25-alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.224"
          },
          {
            "model": ".21-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".20-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".19-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".18-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".17-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".16-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".15-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".14-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.214"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.123"
          },
          {
            "model": ".5-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".4-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".3-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".2-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".1-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.118"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.30"
          },
          {
            "model": "alpha-cvs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.225"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "51282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003518"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-433"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4897"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003518"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported this issue.",
        "sources": [
          {
            "db": "BID",
            "id": "51282"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2011-4897",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2011-4897",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-4897",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-4897",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201112-433",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2011-4897",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2011-4897"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003518"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-433"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4897"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor before 0.2.2.25-alpha, when configured as a relay without the Nickname configuration option, uses the local hostname as the Nickname value, which allows remote attackers to obtain potentially sensitive information by reading this value. Tor is prone to an information disclosure vulnerability. \nSuccessful exploits will allow attackers to obtain sensitive information to launch further attacks. \nVersions prior to Tor 0.2.2.25 are vulnerable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-4897"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003518"
          },
          {
            "db": "BID",
            "id": "51282"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-4897"
          }
        ],
        "trust": 1.98
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-4897",
            "trust": 2.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003518",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-433",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "51282",
            "trust": 0.4
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-4897",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2011-4897"
          },
          {
            "db": "BID",
            "id": "51282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003518"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-433"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4897"
          }
        ]
      },
      "id": "VAR-201112-0161",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4086538599999999
      },
      "last_update_date": "2025-04-11T23:18:58.906000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Tor 0.2.2.25-alpha is out",
            "trust": 0.8,
            "url": "https://blog.torproject.org/blog/tor-02225-alpha-out"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003518"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003518"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4897"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://blog.torproject.org/blog/tor-02225-alpha-out"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4897"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4897"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/200.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.securityfocus.com/bid/51282"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2011-4897"
          },
          {
            "db": "BID",
            "id": "51282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003518"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-433"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4897"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2011-4897"
          },
          {
            "db": "BID",
            "id": "51282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003518"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-433"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4897"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-12-23T00:00:00",
            "db": "VULMON",
            "id": "CVE-2011-4897"
          },
          {
            "date": "2011-05-02T00:00:00",
            "db": "BID",
            "id": "51282"
          },
          {
            "date": "2011-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-003518"
          },
          {
            "date": "2011-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201112-433"
          },
          {
            "date": "2011-12-23T03:59:22.177000",
            "db": "NVD",
            "id": "CVE-2011-4897"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-12-30T00:00:00",
            "db": "VULMON",
            "id": "CVE-2011-4897"
          },
          {
            "date": "2011-05-02T00:00:00",
            "db": "BID",
            "id": "51282"
          },
          {
            "date": "2011-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-003518"
          },
          {
            "date": "2011-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201112-433"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-4897"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-433"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor Vulnerability in which important information is obtained",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003518"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-433"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201112-0165

    Vulnerability from variot - Updated: 2025-04-11 23:16

    Tor before 0.2.2.24-alpha continues to use a reachable bridge that was previously configured but is not currently configured, which might allow remote attackers to obtain sensitive information about clients in opportunistic circumstances by monitoring network traffic to the bridge port. Tor is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information to launch further attacks. Versions prior to Tor 0.2.2.24 are vulnerable

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201112-0165",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.2.1.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.0.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.0.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.11"
          },
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.19"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.24-alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.2.23"
          },
          {
            "model": ".21-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".20-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".19-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".18-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".17-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".16-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".15-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".14-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.214"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.123"
          },
          {
            "model": ".5-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".4-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".3-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".2-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".1-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.118"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.30"
          },
          {
            "model": "alpha-cvs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.224"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "51283"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003517"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-432"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4896"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003517"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported this issue.",
        "sources": [
          {
            "db": "BID",
            "id": "51283"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2011-4896",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2011-4896",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-4896",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-4896",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201112-432",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003517"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-432"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4896"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor before 0.2.2.24-alpha continues to use a reachable bridge that was previously configured but is not currently configured, which might allow remote attackers to obtain sensitive information about clients in opportunistic circumstances by monitoring network traffic to the bridge port. Tor is prone to an information disclosure vulnerability. \nSuccessful exploits will allow attackers to obtain sensitive information to launch further attacks. \nVersions prior to Tor 0.2.2.24 are vulnerable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-4896"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003517"
          },
          {
            "db": "BID",
            "id": "51283"
          }
        ],
        "trust": 1.89
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-4896",
            "trust": 2.7
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003517",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-432",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "51283",
            "trust": 0.3
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "51283"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003517"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-432"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4896"
          }
        ]
      },
      "id": "VAR-201112-0165",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4086538599999999
      },
      "last_update_date": "2025-04-11T23:16:46.056000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Tor 0.2.2.24-alpha is out",
            "trust": 0.8,
            "url": "https://blog.torproject.org/blog/tor-02224-alpha-out"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003517"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003517"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4896"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.9,
            "url": "https://blog.torproject.org/blog/tor-02224-alpha-out"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4896"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4896"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "51283"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003517"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-432"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4896"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "51283"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003517"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-432"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4896"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-04-12T00:00:00",
            "db": "BID",
            "id": "51283"
          },
          {
            "date": "2011-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-003517"
          },
          {
            "date": "2011-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201112-432"
          },
          {
            "date": "2011-12-23T03:59:22.130000",
            "db": "NVD",
            "id": "CVE-2011-4896"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-04-12T00:00:00",
            "db": "BID",
            "id": "51283"
          },
          {
            "date": "2011-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-003517"
          },
          {
            "date": "2011-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201112-432"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-4896"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-432"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor Vulnerability in which important information is obtained",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003517"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-432"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201012-0256

    Vulnerability from variot - Updated: 2025-04-11 23:13

    Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before 0.2.2.20-alpha allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors. Tor is an implementation of the second generation of onion routing, through which users can communicate anonymously over the Internet. Tor is prone to an unspecified heap-based buffer-overflow vulnerability because it fails to properly validate user-supplied input. Failed exploit attempts will likely result in denial-of-service conditions. No additional information is available.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Tor users should upgrade to the latest stable version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.1.28"
    

    References

    [ 1 ] CVE-2010-1676 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1676

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201101-02.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    . ----------------------------------------------------------------------

    Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM).

    Request a free trial: http://secunia.com/products/corporate/vim/


    TITLE: Tor Unspecified Buffer Overflow Vulnerability

    SECUNIA ADVISORY ID: SA42536

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42536/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42536

    RELEASE DATE: 2010-12-28

    DISCUSS ADVISORY: http://secunia.com/advisories/42536/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/42536/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=42536

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: A vulnerability has been reported in Tor, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

    SOLUTION: Update to version 0.2.1.28.

    Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    PROVIDED AND/OR DISCOVERED BY: The vendor credits Willem Pinckaers.

    ORIGINAL ADVISORY: https://gitweb.torproject.org/tor.git/blob/release-0.2.1:/ChangeLog http://archives.seul.org/or/announce/Dec-2010/msg00000.html

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    . By supplying specially crafted packets a remote attacker can cause Tor to overflow its heap, crashing the process. Arbitrary code execution has not been confirmed but there is a potential risk.

    In the stable distribution (lenny), this update also includes an update of the IP address for the Tor directory authority gabelmoo and addresses a weakness in the package's postinst maintainer script.

    For the stable distribution (lenny) this problem has been fixed in version 0.2.1.26-1~lenny+4.

    For the testing distribution (squeeze) and the unstable distribution (sid), this problem has been fixed in version 0.2.1.26-6.

    We recommend that you upgrade your tor packages.

    Upgrade instructions


    If you are using the apt-get package manager, use the line for sources.list as given below:

    apt-get update will update the internal database apt-get upgrade will install corrected packages

    You may use an automated update by adding the resources from the footer to the proper configuration.


    For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)

    iEYEARECAAYFAk0RRVsACgkQYy49rUbZzlp2mACeP+489ptl1vz0BQoJW1F2w9x4 K4oAnAjVvOvl898mVCeSJRhkKtEXT5nG =eMo2 -----END PGP SIGNATURE----- . This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201012-0256",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.2_pre23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.2_pre22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.2_pre17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.2_pre24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.2_pre21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1_alpha-cvs"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.19"
          },
          {
            "model": "alpha-cvs",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.118"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.1.123"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.20-alpha"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.x"
          },
          {
            "model": "0.1.1.1-alpha",
            "scope": null,
            "trust": 0.6,
            "vendor": "tor",
            "version": null
          },
          {
            "model": "0.1.1.2-alpha",
            "scope": null,
            "trust": 0.6,
            "vendor": "tor",
            "version": null
          },
          {
            "model": "0.1.1.3-alpha",
            "scope": null,
            "trust": 0.6,
            "vendor": "tor",
            "version": null
          },
          {
            "model": "0.1.1.4-alpha",
            "scope": null,
            "trust": 0.6,
            "vendor": "tor",
            "version": null
          },
          {
            "model": "0.1.1.5-alpha",
            "scope": null,
            "trust": 0.6,
            "vendor": "tor",
            "version": null
          },
          {
            "model": "\u003c0.2.2.20-alpha",
            "scope": null,
            "trust": 0.6,
            "vendor": "tor",
            "version": null
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.214"
          },
          {
            "model": ".5-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".4-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".3-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".2-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".1-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux armel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.28"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-3318"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3344"
          },
          {
            "db": "BID",
            "id": "45500"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002937"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201012-262"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-1676"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002937"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Secunia",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "97609"
          },
          {
            "db": "PACKETSTORM",
            "id": "97111"
          },
          {
            "db": "PACKETSTORM",
            "id": "97176"
          },
          {
            "db": "PACKETSTORM",
            "id": "96954"
          }
        ],
        "trust": 0.4
      },
      "cve": "CVE-2010-1676",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2010-1676",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2010-1676",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2010-1676",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201012-262",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002937"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201012-262"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-1676"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before 0.2.2.20-alpha allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors. Tor is an implementation of the second generation of onion routing, through which users can communicate anonymously over the Internet. Tor is prone to an unspecified heap-based buffer-overflow vulnerability because it fails to properly validate user-supplied input. Failed exploit attempts will likely result in denial-of-service conditions. No additional information is available. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Tor users should upgrade to the latest stable version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=net-misc/tor-0.2.1.28\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2010-1676\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1676\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-201101-02.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). \n\nRequest a free trial: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nTor Unspecified Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA42536\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/42536/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42536\n\nRELEASE DATE:\n2010-12-28\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/42536/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/42536/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42536\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Tor, which can be exploited by\nmalicious people to cause a DoS (Denial of Service) and potentially\ncompromise a vulnerable system. \n\nSOLUTION:\nUpdate to version 0.2.1.28. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Willem Pinckaers. \n\nORIGINAL ADVISORY:\nhttps://gitweb.torproject.org/tor.git/blob/release-0.2.1:/ChangeLog\nhttp://archives.seul.org/or/announce/Dec-2010/msg00000.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n.  By supplying\nspecially crafted packets a remote attacker can cause Tor to overflow its\nheap, crashing the process. Arbitrary code execution has not been\nconfirmed but there is a potential risk. \n\nIn the stable distribution (lenny), this update also includes an update of\nthe IP address for the Tor directory authority gabelmoo and addresses\na weakness in the package\u0027s postinst maintainer script. \n\n\nFor the stable distribution (lenny) this problem has been fixed in\nversion 0.2.1.26-1~lenny+4. \n\nFor the testing distribution (squeeze) and the unstable distribution (sid),\nthis problem has been fixed in version 0.2.1.26-6. \n\n\nWe recommend that you upgrade your tor packages. \n\nUpgrade instructions\n- --------------------\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAk0RRVsACgkQYy49rUbZzlp2mACeP+489ptl1vz0BQoJW1F2w9x4\nK4oAnAjVvOvl898mVCeSJRhkKtEXT5nG\n=eMo2\n-----END PGP SIGNATURE-----\n. This fixes a vulnerability,\nwhich can be exploited by malicious people to cause a DoS (Denial of\nService) and potentially compromise a vulnerable system",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-1676"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002937"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3318"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3344"
          },
          {
            "db": "BID",
            "id": "45500"
          },
          {
            "db": "PACKETSTORM",
            "id": "97561"
          },
          {
            "db": "PACKETSTORM",
            "id": "97609"
          },
          {
            "db": "PACKETSTORM",
            "id": "97111"
          },
          {
            "db": "PACKETSTORM",
            "id": "96937"
          },
          {
            "db": "PACKETSTORM",
            "id": "97176"
          },
          {
            "db": "PACKETSTORM",
            "id": "96954"
          }
        ],
        "trust": 3.51
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2010-1676",
            "trust": 4.1
          },
          {
            "db": "SECUNIA",
            "id": "42536",
            "trust": 2.3
          },
          {
            "db": "BID",
            "id": "45500",
            "trust": 1.9
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-3290",
            "trust": 1.6
          },
          {
            "db": "SECTRACK",
            "id": "1024910",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "42916",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "42783",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "42667",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2011-0114",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002937",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3318",
            "trust": 0.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3344",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-ANNOUNCE] 20101220 TOR 0.2.1.28 IS RELEASED (SECURITY PATCHES)",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "16212",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201012-262",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "97561",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "97609",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "97111",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "96937",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "97176",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "96954",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-3318"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3344"
          },
          {
            "db": "BID",
            "id": "45500"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002937"
          },
          {
            "db": "PACKETSTORM",
            "id": "97561"
          },
          {
            "db": "PACKETSTORM",
            "id": "97609"
          },
          {
            "db": "PACKETSTORM",
            "id": "97111"
          },
          {
            "db": "PACKETSTORM",
            "id": "96937"
          },
          {
            "db": "PACKETSTORM",
            "id": "97176"
          },
          {
            "db": "PACKETSTORM",
            "id": "96954"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201012-262"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-1676"
          }
        ]
      },
      "id": "VAR-201012-0256",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-3318"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3344"
          }
        ],
        "trust": 2.2
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 1.2
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-3318"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3344"
          }
        ]
      },
      "last_update_date": "2025-04-11T23:13:02.099000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "tor-02220-alpha-out-security-patches",
            "trust": 0.8,
            "url": "http://blog.torproject.org/blog/tor-02220-alpha-out-security-patches"
          },
          {
            "title": "tor-02128-released-security-patches",
            "trust": 0.8,
            "url": "http://blog.torproject.org/blog/tor-02128-released-security-patches"
          },
          {
            "title": "Tor Unknown Buffer Buffer Overflow Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/2223"
          },
          {
            "title": "Tor heap buffer overflow vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/2356"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-3318"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3344"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002937"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002937"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-1676"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://gitweb.torproject.org/tor.git/blob/release-0.2.1:/changelog"
          },
          {
            "trust": 2.0,
            "url": "http://archives.seul.org/or/announce/dec-2010/msg00000.html"
          },
          {
            "trust": 1.6,
            "url": "http://www.vupen.com/english/advisories/2010/3290"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/45500"
          },
          {
            "trust": 1.6,
            "url": "http://securitytracker.com/id?1024910"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/42536"
          },
          {
            "trust": 1.6,
            "url": "http://blog.torproject.org/blog/tor-02220-alpha-out-security-patches"
          },
          {
            "trust": 1.6,
            "url": "http://blog.torproject.org/blog/tor-02128-released-security-patches"
          },
          {
            "trust": 1.1,
            "url": "http://security.gentoo.org/glsa/glsa-201101-02.xml"
          },
          {
            "trust": 1.1,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-december/052657.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-december/052690.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2011/0114"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2010/dsa-2136"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/42783"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/42916"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/42667"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1676"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1676"
          },
          {
            "trust": 0.6,
            "url": "http://archives.seul.org/or/announce/dec-2010/msg00000.htmlhttps"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/42536http"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/16212"
          },
          {
            "trust": 0.4,
            "url": "http://secunia.com/products/corporate/evm/"
          },
          {
            "trust": 0.4,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.4,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.4,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.4,
            "url": "http://secunia.com/products/corporate/vim/"
          },
          {
            "trust": 0.4,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.4,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1676"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42916"
          },
          {
            "trust": 0.1,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201101-02.xml"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/42916/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/42916/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42536"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/42536/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/42536/"
          },
          {
            "trust": 0.1,
            "url": "http://packages.debian.org/\u003cpkg\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/42783/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42783"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/42783/#comments"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42667"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/42667/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/42667/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://lists.debian.org/debian-security-announce/2010/msg00187.html"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-3318"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3344"
          },
          {
            "db": "BID",
            "id": "45500"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002937"
          },
          {
            "db": "PACKETSTORM",
            "id": "97561"
          },
          {
            "db": "PACKETSTORM",
            "id": "97609"
          },
          {
            "db": "PACKETSTORM",
            "id": "97111"
          },
          {
            "db": "PACKETSTORM",
            "id": "96937"
          },
          {
            "db": "PACKETSTORM",
            "id": "97176"
          },
          {
            "db": "PACKETSTORM",
            "id": "96954"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201012-262"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-1676"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-3318"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-3344"
          },
          {
            "db": "BID",
            "id": "45500"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002937"
          },
          {
            "db": "PACKETSTORM",
            "id": "97561"
          },
          {
            "db": "PACKETSTORM",
            "id": "97609"
          },
          {
            "db": "PACKETSTORM",
            "id": "97111"
          },
          {
            "db": "PACKETSTORM",
            "id": "96937"
          },
          {
            "db": "PACKETSTORM",
            "id": "97176"
          },
          {
            "db": "PACKETSTORM",
            "id": "96954"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201012-262"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-1676"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2010-12-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-3318"
          },
          {
            "date": "2010-12-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-3344"
          },
          {
            "date": "2010-12-20T00:00:00",
            "db": "BID",
            "id": "45500"
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-002937"
          },
          {
            "date": "2011-01-15T19:58:29",
            "db": "PACKETSTORM",
            "id": "97561"
          },
          {
            "date": "2011-01-18T10:42:52",
            "db": "PACKETSTORM",
            "id": "97609"
          },
          {
            "date": "2010-12-28T08:35:56",
            "db": "PACKETSTORM",
            "id": "97111"
          },
          {
            "date": "2010-12-23T14:45:57",
            "db": "PACKETSTORM",
            "id": "96937"
          },
          {
            "date": "2010-12-30T04:57:34",
            "db": "PACKETSTORM",
            "id": "97176"
          },
          {
            "date": "2010-12-25T08:42:40",
            "db": "PACKETSTORM",
            "id": "96954"
          },
          {
            "date": "2010-12-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201012-262"
          },
          {
            "date": "2010-12-22T01:00:02.687000",
            "db": "NVD",
            "id": "CVE-2010-1676"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2010-12-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-3318"
          },
          {
            "date": "2010-12-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-3344"
          },
          {
            "date": "2015-04-16T17:46:00",
            "db": "BID",
            "id": "45500"
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-002937"
          },
          {
            "date": "2010-12-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201012-262"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2010-1676"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "96937"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201012-262"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor heap buffer overflow vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-3344"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201012-262"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201012-262"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201101-0101

    Vulnerability from variot - Updated: 2025-04-11 23:02

    Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. Tor is a second generation of onion routing implementation. The TOR project team patched Tor multiple security vulnerabilities, including heap overflow allowing arbitrary code execution (CVE-2011-0427). Zlib compression processing has a denial of service vulnerability, but some key memory is not properly zero initialized before release. Causes leakage of critical memory information. Tor is prone to a heap-based buffer-overflow vulnerability, a denial-of-service vulnerability, and an information-disclosure vulnerability. ----------------------------------------------------------------------

    Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM).

    Request a free trial: http://secunia.com/products/corporate/vim/


    TITLE: Tor Multiple Vulnerabilities

    SECUNIA ADVISORY ID: SA42907

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42907/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42907

    RELEASE DATE: 2011-01-19

    DISCUSS ADVISORY: http://secunia.com/advisories/42907/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/42907/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=42907

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: A weakness and two vulnerabilities have been reported in Tor, which can be exploited by malicious, local users to disclose potentially sensitive information, and by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.

    1) An unspecified error can be exploited to cause a heap-based memory corruption.

    2) An error within the handling of zlib-compressed data can be exploited to cause a DoS by sending specially crafted compressed data.

    3) Various functions do not properly clear keys from memory before freeing them, which may lead to the disclosure of the keys.

    The weakness and the vulnerabilities are reported in versions prior to 0.2.1.29.

    SOLUTION: Update to version 0.2.1.29.

    PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) debuger 2) doorss 3) cypherpunks

    ORIGINAL ADVISORY: http://blog.torproject.org/blog/tor-02129-released-security-patches 2) https://trac.torproject.org/projects/tor/ticket/2324 3) https://trac.torproject.org/projects/tor/ticket/2384 https://trac.torproject.org/projects/tor/ticket/2385

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    .

    For more information: SA42907

    SOLUTION: Apply updated packages via the apt-get package manager. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


    Debian Security Advisory DSA-2148-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff January 17, 2011 http://www.debian.org/security/faq


    Package : tor Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2011-0427

    The developers of Tor, an anonymizing overlay network for TCP, found three security issues during a security audit. The Debian Security Tracker will be updated once they're available: http://security-tracker.debian.org/tracker/source-package/tor

    For the stable distribution (lenny), this problem has been fixed in version 0.2.1.29-1~lenny+1.

    For the testing distribution (squeeze) and the unstable distribution (sid), this problem has been fixed in version 0.2.1.29-1.

    For the experimental distribution, this problem has been fixed in version 0.2.2.21-alpha-1.

    We recommend that you upgrade your tor packages.

    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)

    iEYEARECAAYFAk00jUQACgkQXm3vHE4uylpElQCdGeCpaq6kGaUtHXwyKbj4WjMe Uk0AoLm9PBi6oSAqFsicw4h6M9y6gCha =NFbb -----END PGP SIGNATURE----- .

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-misc/tor < 0.2.1.30 >= 0.2.1.30

    Description

    Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Tor users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.1.30"

    NOTE: This is a legacy GLSA. Updates for all affected architectures are available since April 2, 2011. It is likely that your system is already no longer affected by this issue.

    References

    [ 1 ] CVE-2011-0015 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0015 [ 2 ] CVE-2011-0016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0016 [ 3 ] CVE-2011-0427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0427 [ 4 ] CVE-2011-0490 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0490 [ 5 ] CVE-2011-0491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0491 [ 6 ] CVE-2011-0492 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0492 [ 7 ] CVE-2011-0493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0493 [ 8 ] CVE-2011-1924 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1924

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201110-13.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201101-0101",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre27"
          },
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.21-alpha"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.x"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux armel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.29"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0204"
          },
          {
            "db": "BID",
            "id": "45832"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004109"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-213"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0427"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004109"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "debuger, doorss and cypherpunks.",
        "sources": [
          {
            "db": "BID",
            "id": "45832"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2011-0427",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2011-0427",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-0427",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-0427",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201101-213",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004109"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-213"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0427"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. Tor is a second generation of onion routing implementation. The TOR project team patched Tor multiple security vulnerabilities, including heap overflow allowing arbitrary code execution (CVE-2011-0427). Zlib compression processing has a denial of service vulnerability, but some key memory is not properly zero initialized before release. Causes leakage of critical memory information. Tor is prone to a heap-based buffer-overflow vulnerability, a denial-of-service vulnerability, and an information-disclosure vulnerability. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). \n\nRequest a free trial: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nTor Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA42907\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/42907/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42907\n\nRELEASE DATE:\n2011-01-19\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/42907/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/42907/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42907\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and two vulnerabilities have been reported in Tor, which\ncan be exploited by malicious, local users to disclose potentially\nsensitive information, and by malicious people to cause a DoS (Denial\nof Service) and potentially compromise a user\u0027s system. \n\n1) An unspecified error can be exploited to cause a heap-based memory\ncorruption. \n\n2) An error within the handling of zlib-compressed data can be\nexploited to cause a DoS by sending specially crafted compressed\ndata. \n\n3) Various functions do not properly clear keys from memory before\nfreeing them, which may lead to the disclosure of the keys. \n\nThe weakness and the vulnerabilities are reported in versions prior\nto 0.2.1.29. \n\nSOLUTION:\nUpdate to version 0.2.1.29. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n1) debuger\n2) doorss\n3) cypherpunks\n\nORIGINAL ADVISORY:\nhttp://blog.torproject.org/blog/tor-02129-released-security-patches\n2) https://trac.torproject.org/projects/tor/ticket/2324\n3) https://trac.torproject.org/projects/tor/ticket/2384\nhttps://trac.torproject.org/projects/tor/ticket/2385\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nFor more information:\nSA42907\n\nSOLUTION:\nApply updated packages via the apt-get package manager. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2148-1                   security@debian.org\nhttp://www.debian.org/security/                        Moritz Muehlenhoff\nJanuary 17, 2011                       http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage        : tor\nVulnerability  : several\nProblem type   : remote\nDebian-specific: no\nCVE ID         : CVE-2011-0427\n\nThe developers of Tor, an anonymizing overlay network for TCP, found \nthree security issues during a security audit. The Debian Security\nTracker will be updated once they\u0027re available:\nhttp://security-tracker.debian.org/tracker/source-package/tor\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.2.1.29-1~lenny+1. \n\nFor the testing distribution (squeeze) and the unstable distribution (sid),\nthis problem has been fixed in version 0.2.1.29-1. \n\nFor the experimental distribution, this problem has been fixed in\nversion 0.2.2.21-alpha-1. \n\nWe recommend that you upgrade your tor packages. \n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAk00jUQACgkQXm3vHE4uylpElQCdGeCpaq6kGaUtHXwyKbj4WjMe\nUk0AoLm9PBi6oSAqFsicw4h6M9y6gCha\n=NFbb\n-----END PGP SIGNATURE-----\n. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-misc/tor                \u003c 0.2.1.30               \u003e= 0.2.1.30\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Tor. Please review the\nCVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Tor users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-misc/tor-0.2.1.30\"\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\navailable since April 2, 2011. It is likely that your system is already\nno longer affected by this issue. \n\nReferences\n==========\n\n[ 1 ] CVE-2011-0015\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0015\n[ 2 ] CVE-2011-0016\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0016\n[ 3 ] CVE-2011-0427\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0427\n[ 4 ] CVE-2011-0490\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0490\n[ 5 ] CVE-2011-0491\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0491\n[ 6 ] CVE-2011-0492\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0492\n[ 7 ] CVE-2011-0493\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0493\n[ 8 ] CVE-2011-1924\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1924\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-13.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-0427"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004109"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0204"
          },
          {
            "db": "BID",
            "id": "45832"
          },
          {
            "db": "PACKETSTORM",
            "id": "97644"
          },
          {
            "db": "PACKETSTORM",
            "id": "97622"
          },
          {
            "db": "PACKETSTORM",
            "id": "97616"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          }
        ],
        "trust": 2.79
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-0427",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "45832",
            "trust": 1.3
          },
          {
            "db": "SECUNIA",
            "id": "42907",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "42905",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2011-0132",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2011-0131",
            "trust": 1.0
          },
          {
            "db": "SECTRACK",
            "id": "1024980",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004109",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0204",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-213",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "97644",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "97622",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "97616",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "105951",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0204"
          },
          {
            "db": "BID",
            "id": "45832"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004109"
          },
          {
            "db": "PACKETSTORM",
            "id": "97644"
          },
          {
            "db": "PACKETSTORM",
            "id": "97622"
          },
          {
            "db": "PACKETSTORM",
            "id": "97616"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-213"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0427"
          }
        ]
      },
      "id": "VAR-201101-0101",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0204"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0204"
          }
        ]
      },
      "last_update_date": "2025-04-11T23:02:12.317000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "tor-02129-released-security-patches",
            "trust": 0.8,
            "url": "http://blog.torproject.org/blog/tor-02129-released-security-patches"
          },
          {
            "title": "Tor unexplained buffer overflow, patch for denial of service and information disclosure vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/2615"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0204"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004109"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004109"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0427"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.4,
            "url": "http://blog.torproject.org/blog/tor-02129-released-security-patches"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/42907"
          },
          {
            "trust": 1.0,
            "url": "http://www.securitytracker.com/id?1024980"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2011/dsa-2148"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/42905"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64748"
          },
          {
            "trust": 1.0,
            "url": "https://gitweb.torproject.org/tor.git/blob/refs/heads/release-0.2.2:/changelog"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2011/0132"
          },
          {
            "trust": 1.0,
            "url": "http://archives.seul.org/or/announce/jan-2011/msg00000.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2011/0131"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/45832"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0427"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0427"
          },
          {
            "trust": 0.6,
            "url": "http://blog.torproject.org/blog/tor-02129-released-security-patcheshttp"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/products/corporate/evm/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/products/corporate/vim/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0427"
          },
          {
            "trust": 0.1,
            "url": "https://trac.torproject.org/projects/tor/ticket/2384"
          },
          {
            "trust": 0.1,
            "url": "https://trac.torproject.org/projects/tor/ticket/2324"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/42907/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42907"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/42907/#comments"
          },
          {
            "trust": 0.1,
            "url": "https://trac.torproject.org/projects/tor/ticket/2385"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42905"
          },
          {
            "trust": 0.1,
            "url": "http://www.us.debian.org/security/2011/dsa-2148"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/42905/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/42905/"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://security-tracker.debian.org/tracker/source-package/tor"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0016"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0493"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0493"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0016"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0490"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0015"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0490"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0491"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0492"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1924"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0015"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0491"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1924"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0492"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201110-13.xml"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0204"
          },
          {
            "db": "BID",
            "id": "45832"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004109"
          },
          {
            "db": "PACKETSTORM",
            "id": "97644"
          },
          {
            "db": "PACKETSTORM",
            "id": "97622"
          },
          {
            "db": "PACKETSTORM",
            "id": "97616"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0427"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0204"
          },
          {
            "db": "BID",
            "id": "45832"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004109"
          },
          {
            "db": "PACKETSTORM",
            "id": "97644"
          },
          {
            "db": "PACKETSTORM",
            "id": "97622"
          },
          {
            "db": "PACKETSTORM",
            "id": "97616"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-213"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0427"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-01-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0204"
          },
          {
            "date": "2011-01-17T00:00:00",
            "db": "BID",
            "id": "45832"
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-004109"
          },
          {
            "date": "2011-01-18T10:02:22",
            "db": "PACKETSTORM",
            "id": "97644"
          },
          {
            "date": "2011-01-18T01:26:35",
            "db": "PACKETSTORM",
            "id": "97622"
          },
          {
            "date": "2011-01-18T21:19:09",
            "db": "PACKETSTORM",
            "id": "97616"
          },
          {
            "date": "2011-10-18T19:42:05",
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "date": "2011-01-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201101-213"
          },
          {
            "date": "2011-01-19T12:00:19.750000",
            "db": "NVD",
            "id": "CVE-2011-0427"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-09-06T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0204"
          },
          {
            "date": "2015-05-07T17:14:00",
            "db": "BID",
            "id": "45832"
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-004109"
          },
          {
            "date": "2011-01-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201101-213"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-0427"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-213"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor Heap-based buffer overflow vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004109"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-213"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201101-0396

    Vulnerability from variot - Updated: 2025-04-11 23:02

    Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (assertion failure and daemon exit) via blobs that trigger a certain file size, as demonstrated by the cached-descriptors.new file. Tor is a second generation of onion routing implementation. Tor is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to crash the affected computer, denying service to legitimate users. These issues affect versions prior to Tor 0.2.1.29, 0.2.2, and 0.2.2.21-alpha. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201110-13


                                            http://security.gentoo.org/
    

    Severity: High Title: Tor: Multiple vulnerabilities Date: October 18, 2011 Bugs: #351920, #359789 ID: 201110-13


    Synopsis

    Multiple vulnerabilities were found in Tor, the most severe of which may allow a remote attacker to execute arbitrary code.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-misc/tor < 0.2.1.30 >= 0.2.1.30

    Description

    Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details.

    Impact

    A remote unauthenticated attacker may be able to execute arbitrary code with the privileges of the Tor process or create a Denial of Service.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Tor users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.1.30"

    NOTE: This is a legacy GLSA. Updates for all affected architectures are available since April 2, 2011. It is likely that your system is already no longer affected by this issue.

    References

    [ 1 ] CVE-2011-0015 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0015 [ 2 ] CVE-2011-0016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0016 [ 3 ] CVE-2011-0427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0427 [ 4 ] CVE-2011-0490 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0490 [ 5 ] CVE-2011-0491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0491 [ 6 ] CVE-2011-0492 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0492 [ 7 ] CVE-2011-0493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0493 [ 8 ] CVE-2011-1924 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1924

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201110-13.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201101-0396",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre27"
          },
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.21-alpha"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.x"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.1.29"
          },
          {
            "model": ".20-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".19-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".18-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".17-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".16-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".15-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".14-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": ".21-alpha",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.29"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0309"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004136"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-223"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0492"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004136"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor",
        "sources": [
          {
            "db": "BID",
            "id": "45953"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2011-0492",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2011-0492",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-0492",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-0492",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201101-223",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004136"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-223"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0492"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (assertion failure and daemon exit) via blobs that trigger a certain file size, as demonstrated by the cached-descriptors.new file. Tor is a second generation of onion routing implementation. Tor is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to crash the affected computer, denying service to legitimate users. \nThese issues affect versions prior to Tor 0.2.1.29, 0.2.2, and 0.2.2.21-alpha. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201110-13\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n    Title: Tor: Multiple vulnerabilities\n     Date: October 18, 2011\n     Bugs: #351920, #359789\n       ID: 201110-13\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities were found in Tor, the most severe of which\nmay allow a remote attacker to execute arbitrary code. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-misc/tor                \u003c 0.2.1.30               \u003e= 0.2.1.30\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Tor. Please review the\nCVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote unauthenticated attacker may be able to execute arbitrary code\nwith the privileges of the Tor process or create a Denial of Service. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Tor users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-misc/tor-0.2.1.30\"\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\navailable since April 2, 2011. It is likely that your system is already\nno longer affected by this issue. \n\nReferences\n==========\n\n[ 1 ] CVE-2011-0015\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0015\n[ 2 ] CVE-2011-0016\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0016\n[ 3 ] CVE-2011-0427\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0427\n[ 4 ] CVE-2011-0490\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0490\n[ 5 ] CVE-2011-0491\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0491\n[ 6 ] CVE-2011-0492\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0492\n[ 7 ] CVE-2011-0493\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0493\n[ 8 ] CVE-2011-1924\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1924\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-13.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-0492"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004136"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0309"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-0492",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "45953",
            "trust": 1.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004136",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0309",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-ANNOUNCE] 20110117 TOR 0.2.1.29 IS RELEASED (SECURITY PATCHES)",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-223",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "105951",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0309"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004136"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-223"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0492"
          }
        ]
      },
      "id": "VAR-201101-0396",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0309"
          }
        ],
        "trust": 1.00865386
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0309"
          }
        ]
      },
      "last_update_date": "2025-04-11T23:02:12.274000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "tor-02129-released-security-patches",
            "trust": 0.8,
            "url": "http://blog.torproject.org/blog/tor-02129-released-security-patches"
          },
          {
            "title": "Tor allows remote attackers to patch patches for data corruption by modifying certain file sizes in the cached-descriptors.new file",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/2712"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0309"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004136"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-399",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004136"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0492"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.9,
            "url": "https://trac.torproject.org/projects/tor/ticket/2326"
          },
          {
            "trust": 1.9,
            "url": "https://gitweb.torproject.org/tor.git/blob/refs/heads/release-0.2.2:/changelog"
          },
          {
            "trust": 1.9,
            "url": "http://archives.seul.org/or/announce/jan-2011/msg00000.html"
          },
          {
            "trust": 1.9,
            "url": "http://blog.torproject.org/blog/tor-02129-released-security-patches"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64867"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/45953"
          },
          {
            "trust": 0.9,
            "url": "https://trac.torproject.org/projects/tor/ticket/2190"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0492"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0492"
          },
          {
            "trust": 0.3,
            "url": "https://trac.torproject.org/projects/tor/ticket/2352"
          },
          {
            "trust": 0.3,
            "url": "https://trac.torproject.org/projects/tor/ticket/2324"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0016"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0493"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0493"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0016"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0490"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0015"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0490"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0491"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0492"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1924"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0015"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0491"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1924"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0492"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201110-13.xml"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0309"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004136"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-223"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0492"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0309"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004136"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-223"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0492"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-01-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0309"
          },
          {
            "date": "2011-01-21T00:00:00",
            "db": "BID",
            "id": "45953"
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-004136"
          },
          {
            "date": "2011-10-18T19:42:05",
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "date": "2011-01-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201101-223"
          },
          {
            "date": "2011-01-19T12:00:20.657000",
            "db": "NVD",
            "id": "CVE-2011-0492"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-01-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0309"
          },
          {
            "date": "2015-05-07T17:19:00",
            "db": "BID",
            "id": "45953"
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-004136"
          },
          {
            "date": "2011-01-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201101-223"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-0492"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-223"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor Service disruption in  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004136"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-223"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201106-0064

    Vulnerability from variot - Updated: 2025-04-11 23:02

    Buffer overflow in the policy_summarize function in or/policies.c in Tor before 0.2.1.30 allows remote attackers to cause a denial of service (directory authority crash) via a crafted policy that triggers creation of a long port list. Tor is a second generation onion routing implementation. Tor is prone to a denial-of-service vulnerability that affects directory authority. Versions prior to Tor 0.2.1.30 are vulnerable. ----------------------------------------------------------------------

    Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei.

    For more information: SA43548

    SOLUTION: Apply updated packages via the yum utility ("yum update tor"). ----------------------------------------------------------------------

    Meet Secunia @ Microsoft Management Summit (MMS) in Las Vegas, USA (21-25 March).

    http://secunia.com/company/events/mms_2011/


    TITLE: Tor "policy_summarize()" Directory Authority Denial of Service Vulnerability

    SECUNIA ADVISORY ID: SA43548

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43548/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43548

    RELEASE DATE: 2011-03-20

    DISCUSS ADVISORY: http://secunia.com/advisories/43548/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/43548/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=43548

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: A vulnerability has been reported in Tor, which can be exploited by malicious people to cause a DoS (Denial of Service).

    SOLUTION: Update to version 0.2.1.30.

    PROVIDED AND/OR DISCOVERED BY: The vendor credits piebeer.

    ORIGINAL ADVISORY: https://lists.torproject.org/pipermail/tor-announce/2011-February/000000.html

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201110-13


                                            http://security.gentoo.org/
    

    Severity: High Title: Tor: Multiple vulnerabilities Date: October 18, 2011 Bugs: #351920, #359789 ID: 201110-13


    Synopsis

    Multiple vulnerabilities were found in Tor, the most severe of which may allow a remote attacker to execute arbitrary code.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-misc/tor < 0.2.1.30 >= 0.2.1.30

    Description

    Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Tor users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.1.30"

    NOTE: This is a legacy GLSA. Updates for all affected architectures are available since April 2, 2011. It is likely that your system is already no longer affected by this issue.

    References

    [ 1 ] CVE-2011-0015 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0015 [ 2 ] CVE-2011-0016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0016 [ 3 ] CVE-2011-0427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0427 [ 4 ] CVE-2011-0490 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0490 [ 5 ] CVE-2011-0491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0491 [ 6 ] CVE-2011-0492 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0492 [ 7 ] CVE-2011-0493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0493 [ 8 ] CVE-2011-1924 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1924

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201110-13.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "tor",
            "version": "0.2.1.27"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "tor",
            "version": "0.2.1.22"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.5"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.9"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.6"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.7"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.4"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.3"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.8"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.5,
            "vendor": "tor",
            "version": "0.2.1.29"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.10"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.23"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.21"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.19"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.2"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.6"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.27"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.28"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.28"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.14"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre21"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.9"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.3"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.32"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.2"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.6"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.5"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.24"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.19"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.4"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.2"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.19"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.25"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.12"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2_alpha"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.31"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.17"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.11"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.8"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.15"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre16"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.29"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.11"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.23"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre17"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.17"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.9"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.15"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre27"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.27"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.17"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6_alpha"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre24"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.1"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.26"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.17"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.4"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre13"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.8"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.12"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.3"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre15"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre23"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.10"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.24"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.15"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.19"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.3"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.30"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.6"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1_alpha"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.13"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.16"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.31"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.23"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.16"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.25"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.10"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.7"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.34"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.22"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre14"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.11"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.33"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10_alpha"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.13"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.16"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.20"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.35"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre18"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.8"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.26"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.13"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.14"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.26"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.18"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre22"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.14"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.24"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4_alpha"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.5"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.22"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.18"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.18"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.1"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.25"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7_alpha"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.18"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.20"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.12"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre25"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre19"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre26"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.7"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.29"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre20"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3_alpha"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.21"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.1.30"
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.1.x"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.30"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-2212"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0840"
          },
          {
            "db": "BID",
            "id": "46618"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004598"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-056"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-1924"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004598"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "piebeer",
        "sources": [
          {
            "db": "BID",
            "id": "46618"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2011-1924",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2011-1924",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-1924",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-1924",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201106-056",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004598"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-056"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-1924"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Buffer overflow in the policy_summarize function in or/policies.c in Tor before 0.2.1.30 allows remote attackers to cause a denial of service (directory authority crash) via a crafted policy that triggers creation of a long port list. Tor is a second generation onion routing implementation. Tor is prone to a denial-of-service vulnerability that affects directory authority. \nVersions prior to Tor 0.2.1.30 are vulnerable. ----------------------------------------------------------------------\n\n\nJoin Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria\nSee to the presentation \"The Dynamics and Threats of End-Point Software Portfolios\" by Secunia\u0027s Research Analyst Director, Stefan Frei. \n\nFor more information:\nSA43548\n\nSOLUTION:\nApply updated packages via the yum utility (\"yum update tor\"). ----------------------------------------------------------------------\n\n\nMeet Secunia @ Microsoft Management Summit (MMS) in Las Vegas, USA (21-25 March). \n\nhttp://secunia.com/company/events/mms_2011/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nTor \"policy_summarize()\" Directory Authority Denial of Service\nVulnerability\n\nSECUNIA ADVISORY ID:\nSA43548\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43548/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43548\n\nRELEASE DATE:\n2011-03-20\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43548/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43548/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43548\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Tor, which can be exploited by\nmalicious people to cause a DoS (Denial of Service). \n\nSOLUTION:\nUpdate to version 0.2.1.30. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits piebeer. \n\nORIGINAL ADVISORY:\nhttps://lists.torproject.org/pipermail/tor-announce/2011-February/000000.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201110-13\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n    Title: Tor: Multiple vulnerabilities\n     Date: October 18, 2011\n     Bugs: #351920, #359789\n       ID: 201110-13\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities were found in Tor, the most severe of which\nmay allow a remote attacker to execute arbitrary code. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-misc/tor                \u003c 0.2.1.30               \u003e= 0.2.1.30\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Tor. Please review the\nCVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Tor users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-misc/tor-0.2.1.30\"\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\navailable since April 2, 2011. It is likely that your system is already\nno longer affected by this issue. \n\nReferences\n==========\n\n[ 1 ] CVE-2011-0015\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0015\n[ 2 ] CVE-2011-0016\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0016\n[ 3 ] CVE-2011-0427\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0427\n[ 4 ] CVE-2011-0490\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0490\n[ 5 ] CVE-2011-0491\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0491\n[ 6 ] CVE-2011-0492\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0492\n[ 7 ] CVE-2011-0493\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0493\n[ 8 ] CVE-2011-1924\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1924\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-13.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-1924"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004598"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-2212"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0840"
          },
          {
            "db": "BID",
            "id": "46618"
          },
          {
            "db": "PACKETSTORM",
            "id": "102073"
          },
          {
            "db": "PACKETSTORM",
            "id": "99519"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          }
        ],
        "trust": 3.24
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-1924",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "46618",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "44862",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "43548",
            "trust": 1.7
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004598",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-2212",
            "trust": 0.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0840",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2011-7972",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "16939",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[TOR-ANNOUNCE] 20110228 TOR 0.2.1.30 IS RELEASED",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-056",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "102073",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "99519",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "105951",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-2212"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0840"
          },
          {
            "db": "BID",
            "id": "46618"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004598"
          },
          {
            "db": "PACKETSTORM",
            "id": "102073"
          },
          {
            "db": "PACKETSTORM",
            "id": "99519"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-056"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-1924"
          }
        ]
      },
      "id": "VAR-201106-0064",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-2212"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0840"
          }
        ],
        "trust": 0.12
      },
      "iot_taxonomy": {
        "_id": null,
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 1.2
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-2212"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0840"
          }
        ]
      },
      "last_update_date": "2025-04-11T23:02:12.222000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Tor 0.2.1.30 is released",
            "trust": 0.8,
            "url": "https://lists.torproject.org/pipermail/tor-announce/2011-February/000000.html"
          },
          {
            "title": "Tor Directory Authority Denial of Service Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/4066"
          },
          {
            "title": "Tor directory authorizes \u0027src/or/policies.c\u0027 denial of service vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/3121"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-2212"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0840"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004598"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004598"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-1924"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.0,
            "url": "https://lists.torproject.org/pipermail/tor-announce/2011-february/000000.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-june/061258.html"
          },
          {
            "trust": 1.6,
            "url": "https://gitweb.torproject.org/tor.git/commit/43414eb98821d3b5c6c65181d7545ce938f82c8e"
          },
          {
            "trust": 1.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=705194"
          },
          {
            "trust": 1.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=705192"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/46618"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/44862"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/43548"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1924"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1924"
          },
          {
            "trust": 0.6,
            "url": "https://lists.torproject.org/pipermail/tor-announce/2011-february/000000.htmlhttps"
          },
          {
            "trust": 0.6,
            "url": "https://lists.torproject.org/pipermail/tor-announce/2011-february/000000.htmlhttp"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/16939"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44862"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/44862/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://conference.first.org/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/44862/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/43548/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/43548/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/products/corporate/evm/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/company/events/mms_2011/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43548"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0016"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0493"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0493"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0016"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0490"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0015"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0490"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0491"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0492"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1924"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0015"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0491"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1924"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0492"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201110-13.xml"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-2212"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0840"
          },
          {
            "db": "BID",
            "id": "46618"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004598"
          },
          {
            "db": "PACKETSTORM",
            "id": "102073"
          },
          {
            "db": "PACKETSTORM",
            "id": "99519"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-056"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-1924"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-2212",
            "ident": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0840",
            "ident": null
          },
          {
            "db": "BID",
            "id": "46618",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004598",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "102073",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "99519",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "105951",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-056",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2011-1924",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2011-06-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-2212",
            "ident": null
          },
          {
            "date": "2011-03-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0840",
            "ident": null
          },
          {
            "date": "2011-03-01T00:00:00",
            "db": "BID",
            "id": "46618",
            "ident": null
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-004598",
            "ident": null
          },
          {
            "date": "2011-06-08T06:52:16",
            "db": "PACKETSTORM",
            "id": "102073",
            "ident": null
          },
          {
            "date": "2011-03-19T10:32:49",
            "db": "PACKETSTORM",
            "id": "99519",
            "ident": null
          },
          {
            "date": "2011-10-18T19:42:05",
            "db": "PACKETSTORM",
            "id": "105951",
            "ident": null
          },
          {
            "date": "2011-06-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201106-056",
            "ident": null
          },
          {
            "date": "2011-06-14T17:55:05.313000",
            "db": "NVD",
            "id": "CVE-2011-1924",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2011-06-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-2212",
            "ident": null
          },
          {
            "date": "2011-03-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0840",
            "ident": null
          },
          {
            "date": "2015-04-13T21:28:00",
            "db": "BID",
            "id": "46618",
            "ident": null
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-004598",
            "ident": null
          },
          {
            "date": "2011-06-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201106-056",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-1924",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-056"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "_id": null,
        "data": "Tor of  policy_summarize Buffer overflow vulnerability in functions",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004598"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-056"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201101-0395

    Vulnerability from variot - Updated: 2025-04-11 23:02

    Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha makes calls to Libevent within Libevent log handlers, which might allow remote attackers to cause a denial of service (daemon crash) via vectors that trigger certain log messages. Tor is a second generation of onion routing implementation. Versions prior to Tor 0.2.1.29 and versions prior to 0.2.2.21-alpha can be called Libevent in the Libevent Log Processor. Tor is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to crash the affected computer, denying service to legitimate users. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201110-13


                                            http://security.gentoo.org/
    

    Severity: High Title: Tor: Multiple vulnerabilities Date: October 18, 2011 Bugs: #351920, #359789 ID: 201110-13


    Synopsis

    Multiple vulnerabilities were found in Tor, the most severe of which may allow a remote attacker to execute arbitrary code.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-misc/tor < 0.2.1.30 >= 0.2.1.30

    Description

    Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details.

    Impact

    A remote unauthenticated attacker may be able to execute arbitrary code with the privileges of the Tor process or create a Denial of Service.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Tor users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.1.30"

    NOTE: This is a legacy GLSA. Updates for all affected architectures are available since April 2, 2011. It is likely that your system is already no longer affected by this issue.

    References

    [ 1 ] CVE-2011-0015 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0015 [ 2 ] CVE-2011-0016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0016 [ 3 ] CVE-2011-0427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0427 [ 4 ] CVE-2011-0490 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0490 [ 5 ] CVE-2011-0491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0491 [ 6 ] CVE-2011-0492 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0492 [ 7 ] CVE-2011-0493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0493 [ 8 ] CVE-2011-1924 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1924

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201110-13.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201101-0395",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre27"
          },
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.21-alpha"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.x"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.1.29"
          },
          {
            "model": ".20-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".19-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".18-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".17-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".16-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".15-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".14-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": ".21-alpha",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.29"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0307"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004134"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-225"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0490"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004134"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor",
        "sources": [
          {
            "db": "BID",
            "id": "45953"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2011-0490",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2011-0490",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-0490",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-0490",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201101-225",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004134"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-225"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0490"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha makes calls to Libevent within Libevent log handlers, which might allow remote attackers to cause a denial of service (daemon crash) via vectors that trigger certain log messages. Tor is a second generation of onion routing implementation. Versions prior to Tor 0.2.1.29 and versions prior to 0.2.2.21-alpha can be called Libevent in the Libevent Log Processor. Tor is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to crash the affected computer, denying service to legitimate users. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201110-13\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n    Title: Tor: Multiple vulnerabilities\n     Date: October 18, 2011\n     Bugs: #351920, #359789\n       ID: 201110-13\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities were found in Tor, the most severe of which\nmay allow a remote attacker to execute arbitrary code. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-misc/tor                \u003c 0.2.1.30               \u003e= 0.2.1.30\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Tor. Please review the\nCVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote unauthenticated attacker may be able to execute arbitrary code\nwith the privileges of the Tor process or create a Denial of Service. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Tor users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-misc/tor-0.2.1.30\"\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\navailable since April 2, 2011. It is likely that your system is already\nno longer affected by this issue. \n\nReferences\n==========\n\n[ 1 ] CVE-2011-0015\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0015\n[ 2 ] CVE-2011-0016\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0016\n[ 3 ] CVE-2011-0427\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0427\n[ 4 ] CVE-2011-0490\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0490\n[ 5 ] CVE-2011-0491\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0491\n[ 6 ] CVE-2011-0492\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0492\n[ 7 ] CVE-2011-0493\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0493\n[ 8 ] CVE-2011-1924\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1924\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-13.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-0490"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004134"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0307"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-0490",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "45953",
            "trust": 1.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004134",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0307",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-ANNOUNCE] 20110117 TOR 0.2.1.29 IS RELEASED (SECURITY PATCHES)",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-225",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "105951",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0307"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004134"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-225"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0490"
          }
        ]
      },
      "id": "VAR-201101-0395",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0307"
          }
        ],
        "trust": 1.00865386
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0307"
          }
        ]
      },
      "last_update_date": "2025-04-11T23:02:12.133000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "tor-02129-released-security-patches",
            "trust": 0.8,
            "url": "http://blog.torproject.org/blog/tor-02129-released-security-patches"
          },
          {
            "title": "Tor calls a patch for the Libevent vulnerability in the Libevent log processor",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/2710"
          },
          {
            "title": "vidalia-bundle-0.2.1.29-0.2.10-ppc-1",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=37089"
          },
          {
            "title": "vidalia-bundle-0.2.1.29-0.2.10-i386-1",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=37088"
          },
          {
            "title": "tor-0.2.1.29-win32",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=37087"
          },
          {
            "title": "tor-0.2.1.29",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=37086"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0307"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004134"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-225"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-DesignError",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004134"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0490"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.9,
            "url": "https://gitweb.torproject.org/tor.git/blob/refs/heads/release-0.2.2:/changelog"
          },
          {
            "trust": 1.9,
            "url": "https://trac.torproject.org/projects/tor/ticket/2190"
          },
          {
            "trust": 1.9,
            "url": "http://archives.seul.org/or/announce/jan-2011/msg00000.html"
          },
          {
            "trust": 1.9,
            "url": "http://blog.torproject.org/blog/tor-02129-released-security-patches"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64889"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/45953"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0490"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0490"
          },
          {
            "trust": 0.3,
            "url": "https://trac.torproject.org/projects/tor/ticket/2326"
          },
          {
            "trust": 0.3,
            "url": "https://trac.torproject.org/projects/tor/ticket/2352"
          },
          {
            "trust": 0.3,
            "url": "https://trac.torproject.org/projects/tor/ticket/2324"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0016"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0493"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0493"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0016"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0490"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0015"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0490"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0491"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0492"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1924"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0015"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0491"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1924"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0492"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201110-13.xml"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004134"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-225"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0490"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0307"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004134"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-225"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0490"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-01-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0307"
          },
          {
            "date": "2011-01-21T00:00:00",
            "db": "BID",
            "id": "45953"
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-004134"
          },
          {
            "date": "2011-10-18T19:42:05",
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "date": "2011-01-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201101-225"
          },
          {
            "date": "2011-01-19T12:00:19.920000",
            "db": "NVD",
            "id": "CVE-2011-0490"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-01-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0307"
          },
          {
            "date": "2015-05-07T17:19:00",
            "db": "BID",
            "id": "45953"
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-004134"
          },
          {
            "date": "2011-01-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201101-225"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-0490"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-225"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor Service disruption in  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004134"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "design error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-225"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201101-0394

    Vulnerability from variot - Updated: 2025-04-11 23:02

    The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not validate a certain size value during memory allocation, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors, related to "underflow errors.". This vulnerability is related to a precision error.Service disruption by a third party ( Daemon crash ) There is a possibility of being put into a state. Tor is a second generation of onion routing implementation. To perform a denial of service (the daemon crashes). Tor is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to crash the affected computer, denying service to legitimate users. These issues affect versions prior to Tor 0.2.1.29, 0.2.2, and 0.2.2.21-alpha. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201110-13


                                            http://security.gentoo.org/
    

    Severity: High Title: Tor: Multiple vulnerabilities Date: October 18, 2011 Bugs: #351920, #359789 ID: 201110-13


    Synopsis

    Multiple vulnerabilities were found in Tor, the most severe of which may allow a remote attacker to execute arbitrary code.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-misc/tor < 0.2.1.30 >= 0.2.1.30

    Description

    Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details.

    Impact

    A remote unauthenticated attacker may be able to execute arbitrary code with the privileges of the Tor process or create a Denial of Service.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Tor users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.1.30"

    NOTE: This is a legacy GLSA. Updates for all affected architectures are available since April 2, 2011. It is likely that your system is already no longer affected by this issue.

    References

    [ 1 ] CVE-2011-0015 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0015 [ 2 ] CVE-2011-0016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0016 [ 3 ] CVE-2011-0427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0427 [ 4 ] CVE-2011-0490 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0490 [ 5 ] CVE-2011-0491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0491 [ 6 ] CVE-2011-0492 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0492 [ 7 ] CVE-2011-0493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0493 [ 8 ] CVE-2011-1924 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1924

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201110-13.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201101-0394",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre27"
          },
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.21-alpha"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.x"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.1.29"
          },
          {
            "model": ".20-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".19-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".18-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".17-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".16-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".15-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".14-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": ".21-alpha",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.29"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0308"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004135"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-224"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0491"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004135"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor",
        "sources": [
          {
            "db": "BID",
            "id": "45953"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2011-0491",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2011-0491",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-0491",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-0491",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201101-224",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004135"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-224"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0491"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not validate a certain size value during memory allocation, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors, related to \"underflow errors.\". This vulnerability is related to a precision error.Service disruption by a third party ( Daemon crash ) There is a possibility of being put into a state. Tor is a second generation of onion routing implementation. To perform a denial of service (the daemon crashes). Tor is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to crash the affected computer, denying service to legitimate users. \nThese issues affect versions prior to Tor 0.2.1.29, 0.2.2, and 0.2.2.21-alpha. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201110-13\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n    Title: Tor: Multiple vulnerabilities\n     Date: October 18, 2011\n     Bugs: #351920, #359789\n       ID: 201110-13\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities were found in Tor, the most severe of which\nmay allow a remote attacker to execute arbitrary code. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-misc/tor                \u003c 0.2.1.30               \u003e= 0.2.1.30\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Tor. Please review the\nCVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote unauthenticated attacker may be able to execute arbitrary code\nwith the privileges of the Tor process or create a Denial of Service. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Tor users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-misc/tor-0.2.1.30\"\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\navailable since April 2, 2011. It is likely that your system is already\nno longer affected by this issue. \n\nReferences\n==========\n\n[ 1 ] CVE-2011-0015\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0015\n[ 2 ] CVE-2011-0016\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0016\n[ 3 ] CVE-2011-0427\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0427\n[ 4 ] CVE-2011-0490\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0490\n[ 5 ] CVE-2011-0491\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0491\n[ 6 ] CVE-2011-0492\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0492\n[ 7 ] CVE-2011-0493\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0493\n[ 8 ] CVE-2011-1924\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1924\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-13.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-0491"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004135"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0308"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-0491",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "45953",
            "trust": 1.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004135",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0308",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-ANNOUNCE] 20110117 TOR 0.2.1.29 IS RELEASED (SECURITY PATCHES)",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-224",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "105951",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0308"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004135"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-224"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0491"
          }
        ]
      },
      "id": "VAR-201101-0394",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0308"
          }
        ],
        "trust": 1.00865386
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0308"
          }
        ]
      },
      "last_update_date": "2025-04-11T23:02:12.095000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "tor-02129-released-security-patches",
            "trust": 0.8,
            "url": "http://blog.torproject.org/blog/tor-02129-released-security-patches"
          },
          {
            "title": "The Tor_realloc function provided by Tor does not have a patch for verifying vulnerabilities during memory allocation.",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/2711"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0308"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004135"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004135"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0491"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.9,
            "url": "https://gitweb.torproject.org/tor.git/blob/refs/heads/release-0.2.2:/changelog"
          },
          {
            "trust": 1.9,
            "url": "https://trac.torproject.org/projects/tor/ticket/2324"
          },
          {
            "trust": 1.9,
            "url": "http://archives.seul.org/or/announce/jan-2011/msg00000.html"
          },
          {
            "trust": 1.9,
            "url": "http://blog.torproject.org/blog/tor-02129-released-security-patches"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64888"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/45953"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0491"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0491"
          },
          {
            "trust": 0.3,
            "url": "https://trac.torproject.org/projects/tor/ticket/2326"
          },
          {
            "trust": 0.3,
            "url": "https://trac.torproject.org/projects/tor/ticket/2352"
          },
          {
            "trust": 0.3,
            "url": "https://trac.torproject.org/projects/tor/ticket/2190"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0016"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0493"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0493"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0016"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0490"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0015"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0490"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0491"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0492"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1924"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0015"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0491"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1924"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0492"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201110-13.xml"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004135"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-224"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0491"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0308"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004135"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-224"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0491"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-01-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0308"
          },
          {
            "date": "2011-01-21T00:00:00",
            "db": "BID",
            "id": "45953"
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-004135"
          },
          {
            "date": "2011-10-18T19:42:05",
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "date": "2011-01-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201101-224"
          },
          {
            "date": "2011-01-19T12:00:20.047000",
            "db": "NVD",
            "id": "CVE-2011-0491"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-01-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0308"
          },
          {
            "date": "2015-05-07T17:19:00",
            "db": "BID",
            "id": "45953"
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-004135"
          },
          {
            "date": "2011-01-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201101-224"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-0491"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-224"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor of  tor_realloc Service disruption in functions  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004135"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-224"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201101-0385

    Vulnerability from variot - Updated: 2025-04-11 23:02

    Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow remote attackers to cause a denial of service (assertion failure and daemon exit) via vectors related to malformed router caches and improper handling of integer values. Tor is a second generation of onion routing implementation. Tor is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to crash the affected computer, denying service to legitimate users. These issues affect versions prior to Tor 0.2.1.29, 0.2.2, and 0.2.2.21-alpha. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201110-13


                                            http://security.gentoo.org/
    

    Severity: High Title: Tor: Multiple vulnerabilities Date: October 18, 2011 Bugs: #351920, #359789 ID: 201110-13


    Synopsis

    Multiple vulnerabilities were found in Tor, the most severe of which may allow a remote attacker to execute arbitrary code.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-misc/tor < 0.2.1.30 >= 0.2.1.30

    Description

    Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details.

    Impact

    A remote unauthenticated attacker may be able to execute arbitrary code with the privileges of the Tor process or create a Denial of Service.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Tor users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.1.30"

    NOTE: This is a legacy GLSA. Updates for all affected architectures are available since April 2, 2011. It is likely that your system is already no longer affected by this issue.

    References

    [ 1 ] CVE-2011-0015 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0015 [ 2 ] CVE-2011-0016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0016 [ 3 ] CVE-2011-0427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0427 [ 4 ] CVE-2011-0490 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0490 [ 5 ] CVE-2011-0491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0491 [ 6 ] CVE-2011-0492 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0492 [ 7 ] CVE-2011-0493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0493 [ 8 ] CVE-2011-1924 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1924

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201110-13.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201101-0385",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre27"
          },
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.21-alpha"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.x"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.1.29"
          },
          {
            "model": ".20-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".19-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".18-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".17-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".16-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".15-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".14-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": ".21-alpha",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.29"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0310"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004137"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-222"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0493"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004137"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor",
        "sources": [
          {
            "db": "BID",
            "id": "45953"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2011-0493",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2011-0493",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-0493",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-0493",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201101-222",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004137"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-222"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0493"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow remote attackers to cause a denial of service (assertion failure and daemon exit) via vectors related to malformed router caches and improper handling of integer values. Tor is a second generation of onion routing implementation. Tor is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to crash the affected computer, denying service to legitimate users. \nThese issues affect versions prior to Tor 0.2.1.29, 0.2.2, and 0.2.2.21-alpha. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201110-13\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n    Title: Tor: Multiple vulnerabilities\n     Date: October 18, 2011\n     Bugs: #351920, #359789\n       ID: 201110-13\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities were found in Tor, the most severe of which\nmay allow a remote attacker to execute arbitrary code. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-misc/tor                \u003c 0.2.1.30               \u003e= 0.2.1.30\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Tor. Please review the\nCVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote unauthenticated attacker may be able to execute arbitrary code\nwith the privileges of the Tor process or create a Denial of Service. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Tor users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-misc/tor-0.2.1.30\"\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\navailable since April 2, 2011. It is likely that your system is already\nno longer affected by this issue. \n\nReferences\n==========\n\n[ 1 ] CVE-2011-0015\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0015\n[ 2 ] CVE-2011-0016\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0016\n[ 3 ] CVE-2011-0427\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0427\n[ 4 ] CVE-2011-0490\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0490\n[ 5 ] CVE-2011-0491\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0491\n[ 6 ] CVE-2011-0492\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0492\n[ 7 ] CVE-2011-0493\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0493\n[ 8 ] CVE-2011-1924\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1924\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-13.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-0493"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004137"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0310"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-0493",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "45953",
            "trust": 1.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004137",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0310",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-ANNOUNCE] 20110117 TOR 0.2.1.29 IS RELEASED (SECURITY PATCHES)",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-222",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "105951",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0310"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004137"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-222"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0493"
          }
        ]
      },
      "id": "VAR-201101-0385",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0310"
          }
        ],
        "trust": 1.00865386
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0310"
          }
        ]
      },
      "last_update_date": "2025-04-11T23:02:12.057000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "tor-02129-released-security-patches",
            "trust": 0.8,
            "url": "http://blog.torproject.org/blog/tor-02129-released-security-patches"
          },
          {
            "title": "Tor has a security vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/2713"
          },
          {
            "title": "vidalia-bundle-0.2.1.29-0.2.10-ppc-1",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=37089"
          },
          {
            "title": "vidalia-bundle-0.2.1.29-0.2.10-i386-1",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=37088"
          },
          {
            "title": "tor-0.2.1.29-win32",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=37087"
          },
          {
            "title": "tor-0.2.1.29",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=37086"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0310"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004137"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-222"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-189",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004137"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0493"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.9,
            "url": "https://gitweb.torproject.org/tor.git/blob/refs/heads/release-0.2.2:/changelog"
          },
          {
            "trust": 1.9,
            "url": "https://trac.torproject.org/projects/tor/ticket/2352"
          },
          {
            "trust": 1.9,
            "url": "http://archives.seul.org/or/announce/jan-2011/msg00000.html"
          },
          {
            "trust": 1.9,
            "url": "http://blog.torproject.org/blog/tor-02129-released-security-patches"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64864"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/45953"
          },
          {
            "trust": 0.9,
            "url": "https://trac.torproject.org/projects/tor/ticket/2324"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0493"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0493"
          },
          {
            "trust": 0.3,
            "url": "https://trac.torproject.org/projects/tor/ticket/2326"
          },
          {
            "trust": 0.3,
            "url": "https://trac.torproject.org/projects/tor/ticket/2190"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0016"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0493"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0493"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0016"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0490"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0015"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0490"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0491"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0492"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1924"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0015"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0491"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1924"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0492"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201110-13.xml"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0310"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004137"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-222"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0493"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0310"
          },
          {
            "db": "BID",
            "id": "45953"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004137"
          },
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-222"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0493"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-01-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0310"
          },
          {
            "date": "2011-01-21T00:00:00",
            "db": "BID",
            "id": "45953"
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-004137"
          },
          {
            "date": "2011-10-18T19:42:05",
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "date": "2011-01-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201101-222"
          },
          {
            "date": "2011-01-19T12:00:21.343000",
            "db": "NVD",
            "id": "CVE-2011-0493"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-01-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0310"
          },
          {
            "date": "2015-05-07T17:19:00",
            "db": "BID",
            "id": "45953"
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-004137"
          },
          {
            "date": "2011-01-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201101-222"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-0493"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "105951"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-222"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor Service disruption in  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-004137"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "digital error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-222"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201001-0713

    Vulnerability from variot - Updated: 2025-04-11 22:59

    Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functioning as a bridge directory authority, allows remote attackers to obtain sensitive information about bridge identities and bridge descriptors via a dbg-stability.txt directory query. Tor (The Onion Router) is an implementation of the second generation of onion routing, through which users can communicate anonymously over the Internet. Tor is prone to a remote information-disclosure vulnerability. Exploits will allow attackers to obtain sensitive information that can help them launch further attacks. NOTE: Since certain Tor infrastructures were compromised, new version 3 identity keys have been issued. Versions prior to Tor 0.2.1.22 are vulnerable. ----------------------------------------------------------------------

    Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/


    TITLE: Tor Directory Authorities Directory Queries Information Disclosure

    SECUNIA ADVISORY ID: SA38198

    VERIFY ADVISORY: http://secunia.com/advisories/38198/

    DESCRIPTION: A security issue has been reported in Tor, which can be exploited by malicious people to disclose potentially sensitive information.

    SOLUTION: Update to version 0.2.1.22.

    PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

    ORIGINAL ADVISORY: http://permalink.gmane.org/gmane.network.onion-routing.announce/30


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201001-0713",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1_alpha-cvs"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.7-alpha"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.x"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.x"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.214"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.123"
          },
          {
            "model": ".5-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".4-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".3-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".2-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".1-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.118"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "alpha-cvs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.22"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "db": "BID",
            "id": "37901"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0385"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Roger Dingledine",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2010-0385",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2010-0385",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2010-5331",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2010-0385",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2010-0385",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2010-5331",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201001-255",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0385"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functioning as a bridge directory authority, allows remote attackers to obtain sensitive information about bridge identities and bridge descriptors via a dbg-stability.txt directory query. Tor (The Onion Router) is an implementation of the second generation of onion routing, through which users can communicate anonymously over the Internet. Tor is prone to a remote information-disclosure vulnerability. \nExploits will allow attackers to obtain sensitive information that can help them launch further attacks. \nNOTE:  Since certain Tor infrastructures were compromised, new version 3 identity keys have been issued. \nVersions prior to Tor 0.2.1.22 are vulnerable. ----------------------------------------------------------------------\n\n\n\nSecunia integrated with Microsoft WSUS \nhttp://secunia.com/blog/71/\n\n\n\n----------------------------------------------------------------------\n\nTITLE:\nTor Directory Authorities Directory Queries Information Disclosure\n\nSECUNIA ADVISORY ID:\nSA38198\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38198/\n\nDESCRIPTION:\nA security issue has been reported in Tor, which can be exploited by\nmalicious people to disclose potentially sensitive information. \n\nSOLUTION:\nUpdate to version 0.2.1.22. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://permalink.gmane.org/gmane.network.onion-routing.announce/30\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0385"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "db": "BID",
            "id": "37901"
          },
          {
            "db": "PACKETSTORM",
            "id": "85478"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2010-0385",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "37901",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "38198",
            "trust": 1.7
          },
          {
            "db": "OSVDB",
            "id": "61865",
            "trust": 1.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-TALK] 20100120 TOR 0.2.2.7-ALPHA IS OUT",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-ANNOUNCE] 20100121 TOR 0.2.1.22 IS RELEASED (SECURITY FIX)",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "14397",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "85478",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "db": "BID",
            "id": "37901"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "db": "PACKETSTORM",
            "id": "85478"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0385"
          }
        ]
      },
      "id": "VAR-201001-0713",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          }
        ]
      },
      "last_update_date": "2025-04-11T22:59:43.326000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.torproject.org/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0385"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "http://www.securityfocus.com/bid/37901"
          },
          {
            "trust": 1.6,
            "url": "http://www.osvdb.org/61865"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/38198"
          },
          {
            "trust": 1.6,
            "url": "http://archives.seul.org/or/talk/jan-2010/msg00162.html"
          },
          {
            "trust": 1.6,
            "url": "http://archives.seul.org/or/announce/jan-2010/msg00000.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0385"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0385"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/14397"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.3,
            "url": "http://archives.seul.org/or/talk/jan-2010/msg00161.html"
          },
          {
            "trust": 0.1,
            "url": "http://permalink.gmane.org/gmane.network.onion-routing.announce/30"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/blog/71/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/38198/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "db": "BID",
            "id": "37901"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "db": "PACKETSTORM",
            "id": "85478"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0385"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "db": "BID",
            "id": "37901"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "db": "PACKETSTORM",
            "id": "85478"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0385"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2010-01-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "date": "2010-01-21T00:00:00",
            "db": "BID",
            "id": "37901"
          },
          {
            "date": "2012-12-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "date": "2010-01-21T10:22:16",
            "db": "PACKETSTORM",
            "id": "85478"
          },
          {
            "date": "2010-01-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          },
          {
            "date": "2010-01-25T19:30:01.697000",
            "db": "NVD",
            "id": "CVE-2010-0385"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2010-01-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "date": "2015-04-13T21:03:00",
            "db": "BID",
            "id": "37901"
          },
          {
            "date": "2012-12-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "date": "2010-01-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2010-0385"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor official directory query request sensitive information disclosure vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201001-0712

    Vulnerability from variot - Updated: 2025-04-11 22:59

    Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated identity keys for certain directory authorities, which makes it easier for man-in-the-middle attackers to compromise the anonymity of traffic sources and destinations. Tor (The Onion Router) is an implementation of the second generation of onion routing software, through which users can communicate anonymously over the Internet. If the user submits a specially made query request to the bridge official directory, the directory authority will reveal all the tracked bridge identities in the response of dbg-stability.txt, which is an information disclosure. Tor is prone to a remote information-disclosure vulnerability. Exploits will allow attackers to obtain sensitive information that can help them launch further attacks. NOTE: Since certain Tor infrastructures were compromised, new version 3 identity keys have been issued. Versions prior to Tor 0.2.1.22 are vulnerable. ----------------------------------------------------------------------

    Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/


    TITLE: Tor Directory Authorities Directory Queries Information Disclosure

    SECUNIA ADVISORY ID: SA38198

    VERIFY ADVISORY: http://secunia.com/advisories/38198/

    DESCRIPTION: A security issue has been reported in Tor, which can be exploited by malicious people to disclose potentially sensitive information.

    SOLUTION: Update to version 0.2.1.22.

    PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

    ORIGINAL ADVISORY: http://permalink.gmane.org/gmane.network.onion-routing.announce/30


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201001-0712",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1_alpha-cvs"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.7-alpha"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.x"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.x"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.214"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.123"
          },
          {
            "model": ".5-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".4-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".3-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".2-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".1-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.118"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "alpha-cvs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.22"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "db": "BID",
            "id": "37901"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0383"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Roger Dingledine",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2010-0383",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2010-0383",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2010-5332",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2010-0383",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2010-0383",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2010-5332",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201001-253",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0383"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated identity keys for certain directory authorities, which makes it easier for man-in-the-middle attackers to compromise the anonymity of traffic sources and destinations. Tor (The Onion Router) is an implementation of the second generation of onion routing software, through which users can communicate anonymously over the Internet. If the user submits a specially made query request to the bridge official directory, the directory authority will reveal all the tracked bridge identities in the response of dbg-stability.txt, which is an information disclosure. Tor is prone to a remote information-disclosure vulnerability. \nExploits will allow attackers to obtain sensitive information that can help them launch further attacks. \nNOTE:  Since certain Tor infrastructures were compromised, new version 3 identity keys have been issued. \nVersions prior to Tor 0.2.1.22 are vulnerable. ----------------------------------------------------------------------\n\n\n\nSecunia integrated with Microsoft WSUS \nhttp://secunia.com/blog/71/\n\n\n\n----------------------------------------------------------------------\n\nTITLE:\nTor Directory Authorities Directory Queries Information Disclosure\n\nSECUNIA ADVISORY ID:\nSA38198\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38198/\n\nDESCRIPTION:\nA security issue has been reported in Tor, which can be exploited by\nmalicious people to disclose potentially sensitive information. \n\nSOLUTION:\nUpdate to version 0.2.1.22. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://permalink.gmane.org/gmane.network.onion-routing.announce/30\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0383"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "db": "BID",
            "id": "37901"
          },
          {
            "db": "PACKETSTORM",
            "id": "85478"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2010-0383",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "37901",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "38198",
            "trust": 1.7
          },
          {
            "db": "OSVDB",
            "id": "61977",
            "trust": 1.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-TALK] 20100120 TOR 0.2.2.7-ALPHA IS OUT",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-TALK] 20100120 RE: TOR PROJECT INFRASTRUCTURE UPDATES IN RESPONSE TO SECURITY BREACH",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-ANNOUNCE] 20100121 TOR 0.2.1.22 IS RELEASED (SECURITY FIX)",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-TALK] 20100120 TOR PROJECT INFRASTRUCTURE UPDATES IN RESPONSE TO SECURITY BREACH",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "14397",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "85478",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "db": "BID",
            "id": "37901"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "db": "PACKETSTORM",
            "id": "85478"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0383"
          }
        ]
      },
      "id": "VAR-201001-0712",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          }
        ]
      },
      "last_update_date": "2025-04-11T22:59:43.286000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.torproject.org/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0383"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "http://www.securityfocus.com/bid/37901"
          },
          {
            "trust": 1.9,
            "url": "http://archives.seul.org/or/talk/jan-2010/msg00161.html"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/38198"
          },
          {
            "trust": 1.6,
            "url": "http://osvdb.org/61977"
          },
          {
            "trust": 1.6,
            "url": "http://archives.seul.org/or/talk/jan-2010/msg00165.html"
          },
          {
            "trust": 1.6,
            "url": "http://archives.seul.org/or/talk/jan-2010/msg00162.html"
          },
          {
            "trust": 1.6,
            "url": "http://archives.seul.org/or/announce/jan-2010/msg00000.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0383"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0383"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/14397"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.1,
            "url": "http://permalink.gmane.org/gmane.network.onion-routing.announce/30"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/blog/71/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/38198/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "db": "BID",
            "id": "37901"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "db": "PACKETSTORM",
            "id": "85478"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0383"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "db": "BID",
            "id": "37901"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "db": "PACKETSTORM",
            "id": "85478"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0383"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2010-01-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "date": "2010-01-21T00:00:00",
            "db": "BID",
            "id": "37901"
          },
          {
            "date": "2012-12-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "date": "2010-01-21T10:22:16",
            "db": "PACKETSTORM",
            "id": "85478"
          },
          {
            "date": "2010-01-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          },
          {
            "date": "2010-01-25T19:30:01.637000",
            "db": "NVD",
            "id": "CVE-2010-0383"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2010-01-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "date": "2015-04-13T21:03:00",
            "db": "BID",
            "id": "37901"
          },
          {
            "date": "2012-12-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "date": "2010-01-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2010-0383"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor official directory query request information disclosure vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201112-0164

    Vulnerability from variot - Updated: 2025-04-11 22:56

    Tor before 0.2.2.34, when configured as a bridge, sets up circuits through a process different from the process used by a client, which makes it easier for remote attackers to enumerate bridges by observing circuit building. Tor is prone to a bridge enumeration weakness. Successful exploits will allow attackers to obtain sensitive information to launch further attacks. Versions prior to Tor 0.2.2.34 are vulnerable

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201112-0164",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.14"
          },
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.19"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.34"
          },
          {
            "model": ".21-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".20-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".19-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".18-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".17-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".16-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".15-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".14-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.214"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.123"
          },
          {
            "model": ".5-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".4-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".3-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".2-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".1-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.118"
          },
          {
            "model": "alpha-cvs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2.34"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "51279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-431"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4895"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003516"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The vendor reported this issue.",
        "sources": [
          {
            "db": "BID",
            "id": "51279"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2011-4895",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2011-4895",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-4895",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-4895",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201112-431",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-431"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4895"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor before 0.2.2.34, when configured as a bridge, sets up circuits through a process different from the process used by a client, which makes it easier for remote attackers to enumerate bridges by observing circuit building. Tor is prone to a bridge enumeration weakness. \nSuccessful exploits will allow attackers to obtain sensitive information to launch further attacks. \nVersions prior to Tor 0.2.2.34 are vulnerable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-4895"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003516"
          },
          {
            "db": "BID",
            "id": "51279"
          }
        ],
        "trust": 1.89
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-4895",
            "trust": 2.7
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003516",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-431",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "51279",
            "trust": 0.3
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "51279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-431"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4895"
          }
        ]
      },
      "id": "VAR-201112-0164",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4086538599999999
      },
      "last_update_date": "2025-04-11T22:56:19.790000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Tor 0.2.2.34 is released (security patches)",
            "trust": 0.8,
            "url": "https://blog.torproject.org/blog/tor-02234-released-security-patches"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003516"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003516"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4895"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.9,
            "url": "https://blog.torproject.org/blog/tor-02234-released-security-patches"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4895"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4895"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "51279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-431"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4895"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "51279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-431"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4895"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-10-27T00:00:00",
            "db": "BID",
            "id": "51279"
          },
          {
            "date": "2011-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-003516"
          },
          {
            "date": "2011-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201112-431"
          },
          {
            "date": "2011-12-23T03:59:22.097000",
            "db": "NVD",
            "id": "CVE-2011-4895"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-10-27T00:00:00",
            "db": "BID",
            "id": "51279"
          },
          {
            "date": "2011-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-003516"
          },
          {
            "date": "2011-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201112-431"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-4895"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-431"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor Enumerated bridge vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003516"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-431"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201208-0158

    Vulnerability from variot - Updated: 2025-04-11 22:49

    The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document. Tor is a second generation of onion routing implementation. Allows an attacker to exploit a vulnerability to crash an application. Tor is prone to multiple remote vulnerabilities, including: 1. Multiple denial-of-service vulnerabilities. 2. An information-disclosure vulnerability. 3. An out-of-bounds memory-access vulnerability. Attackers can exploit theses issues to crash the affected application, cause denial-of service conditions, or retrieve potentially sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


    Mandriva Linux Security Advisory MDVSA-2013:132 http://www.mandriva.com/en/support/security/


    Package : tor Date : April 10, 2013 Affected: Business Server 1.0


    Problem Description:

    Updated tor package fixes security vulnerabilities:

    Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had selected (CVE-2011-2768).

    Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE and CREATE_FAST values in the Command field of a cell within an OR connection that it initiated, which allows remote relays to enumerate bridges by using these values (CVE-2011-2769).

    routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack (CVE-2012-3519).

    Tor before 0.2.2.39, when waiting for a client to renegotiate, allowed it to add bytes to the input buffer, allowing a crash to be caused remotely (tor-5934, tor-6007).

    Denial of Service vulnerability in Tor before 0.2.3.25, due to an error when handling SENDME cells and can be exploited to cause excessive consumption of memory resources within an entry node (SA51329, CVE-2012-5573).

    The version of Tor shipped in MBS1 did not have correctly formed systemd unit and thus failed to start.

    This updated version corrects this problem and restores working behaviour.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2768 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2769 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3517 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3518 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3519 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5573 https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0184 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0276 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0356


    Updated Packages:

    Mandriva Business Server 1/X86_64: 8cadc920e4452cd2a3551a3cb01d9fcf mbs1/x86_64/tor-0.2.2.39-1.mbs1.x86_64.rpm 7cbba7170bc4f9e6ee8409398437570c mbs1/SRPMS/tor-0.2.2.39-1.mbs1.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/en/support/security/advisories/

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)

    iD8DBQFRZVsDmqjQ0CJFipgRAm9IAJ9tYUVrI7u2V+7yJGNLn2OVMdOzcACgyrhf PUIroe88x4NDpj7AUyd2YP8= =x4YG -----END PGP SIGNATURE-----

    . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201301-03


                                            http://security.gentoo.org/
    

    Severity: Normal Title: Tor: Multiple vulnerabilities Date: January 08, 2013 Bugs: #432188, #434882, #444804 ID: 201301-03


    Synopsis

    Multiple vulnerabilities have been found in Tor, allowing attackers to cause Denial of Service or obtain sensitive information. Please review the CVE identifiers referenced below for details.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Tor users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.3.25"

    References

    [ 1 ] CVE-2012-3517 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3517 [ 2 ] CVE-2012-3518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3518 [ 3 ] CVE-2012-3519 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3519 [ 4 ] CVE-2012-4419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4419 [ 5 ] CVE-2012-4922 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4922 [ 6 ] CVE-2012-5573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5573

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201301-03.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 .

    CVE-2012-3519

    Try to leak less information about what relays a client is choosing to a side-channel attacker. This fixes a potential DoS issue [tor-5934, tor-6007].

    For the stable distribution (squeeze), these problems have been fixed in version 0.2.2.39-1.

    For the unstable distribution, these problems have been fixed in version 0.2.3.22-rc-1.

    We recommend that you upgrade your tor packages. ----------------------------------------------------------------------

    The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


    TITLE: Debian update for tor

    SECUNIA ADVISORY ID: SA50583

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50583/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50583

    RELEASE DATE: 2012-09-14

    DISCUSS ADVISORY: http://secunia.com/advisories/50583/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/50583/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=50583

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: Debian has issued an update for tor.

    ORIGINAL ADVISORY: DSA-2548-1: http://www.debian.org/security/2012/dsa-2548

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201208-0158",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.37"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.2.34"
          },
          {
            "model": ".14-alpha",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".15-alpha",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".16-alpha",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".17-alpha",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".18-alpha",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".19-alpha",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".20-alpha",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".21-alpha",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.224"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.225"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.2.37"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.38"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1x8664"
          },
          {
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2.38"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4391"
          },
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003894"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-381"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3518"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003894"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Arma, Asn, and Nickm",
        "sources": [
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-381"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2012-3518",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2012-3518",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2012-3518",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2012-3518",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201208-381",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003894"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-381"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3518"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document. Tor is a second generation of onion routing implementation. Allows an attacker to exploit a vulnerability to crash an application. Tor is prone to multiple remote vulnerabilities, including:\n1. Multiple denial-of-service vulnerabilities. \n2. An information-disclosure vulnerability. \n3. An out-of-bounds memory-access vulnerability. \nAttackers can exploit theses issues to crash the affected application, cause denial-of service conditions, or retrieve potentially sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory                         MDVSA-2013:132\n http://www.mandriva.com/en/support/security/\n _______________________________________________________________________\n\n Package : tor\n Date    : April 10, 2013\n Affected: Business Server 1.0\n _______________________________________________________________________\n\n Problem Description:\n\n Updated tor package fixes security vulnerabilities:\n \n Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS\n certificate chain as part of an outgoing OR connection, which allows\n remote relays to bypass intended anonymity properties by reading this\n chain and then determining the set of entry guards that the client\n or bridge had selected (CVE-2011-2768). \n \n Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE\n and CREATE_FAST values in the Command field of a cell within an OR\n connection that it initiated, which allows remote relays to enumerate\n bridges by using these values (CVE-2011-2769). \n \n routerlist.c in Tor before 0.2.2.38 uses a different amount of time\n for relay-list iteration depending on which relay is chosen, which\n might allow remote attackers to obtain sensitive information about\n relay selection via a timing side-channel attack (CVE-2012-3519). \n \n Tor before 0.2.2.39, when waiting for a client to renegotiate, allowed\n it to add bytes to the input buffer, allowing a crash to be caused\n remotely (tor-5934, tor-6007). \n \n Denial of Service vulnerability in Tor before 0.2.3.25, due to an\n error when handling SENDME cells and can be exploited to cause\n excessive consumption of memory resources within an entry node\n (SA51329, CVE-2012-5573). \n \n The version of Tor shipped in MBS1 did not have correctly formed\n systemd unit and thus failed to start. \n \n This updated version corrects this problem and restores working\n behaviour. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2768\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2769\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3517\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3518\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3519\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4419\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5573\n https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0184\n https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0276\n https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0356\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 8cadc920e4452cd2a3551a3cb01d9fcf  mbs1/x86_64/tor-0.2.2.39-1.mbs1.x86_64.rpm \n 7cbba7170bc4f9e6ee8409398437570c  mbs1/SRPMS/tor-0.2.2.39-1.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFRZVsDmqjQ0CJFipgRAm9IAJ9tYUVrI7u2V+7yJGNLn2OVMdOzcACgyrhf\nPUIroe88x4NDpj7AUyd2YP8=\n=x4YG\n-----END PGP SIGNATURE-----\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201301-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Tor: Multiple vulnerabilities\n     Date: January 08, 2013\n     Bugs: #432188, #434882, #444804\n       ID: 201301-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Tor, allowing attackers to\ncause Denial of Service or obtain sensitive information. Please review the\nCVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Tor users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-misc/tor-0.2.3.25\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-3517\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3517\n[ 2 ] CVE-2012-3518\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3518\n[ 3 ] CVE-2012-3519\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3519\n[ 4 ] CVE-2012-4419\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4419\n[ 5 ] CVE-2012-4922\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4922\n[ 6 ] CVE-2012-5573\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5573\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201301-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\nCVE-2012-3519\n\n  Try to leak less information about what relays a client is choosing to\n  a side-channel attacker. This fixes a potential DoS issue\n  [tor-5934, tor-6007]. \n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 0.2.2.39-1. \n\nFor the unstable distribution, these problems have been fixed in version\n0.2.3.22-rc-1. \n\nWe recommend that you upgrade your tor packages. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nDebian update for tor\n\nSECUNIA ADVISORY ID:\nSA50583\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50583/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50583\n\nRELEASE DATE:\n2012-09-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50583/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50583/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50583\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nDebian has issued an update for tor. \n\nORIGINAL ADVISORY:\nDSA-2548-1:\nhttp://www.debian.org/security/2012/dsa-2548\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-3518"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003894"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4391"
          },
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "119351"
          },
          {
            "db": "PACKETSTORM",
            "id": "116520"
          },
          {
            "db": "PACKETSTORM",
            "id": "116554"
          }
        ],
        "trust": 2.79
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-3518",
            "trust": 3.6
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2012/08/21/6",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "50583",
            "trust": 1.1
          },
          {
            "db": "BID",
            "id": "55128",
            "trust": 0.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003894",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4391",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "20408",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OSS-SECURITY] 20120821 RE: CVE REQUEST -- TOR 0.2.2.38: THREE ISSUES",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[TOR-ANNOUNCE] 20120819 TOR 0.2.2.38 IS RELEASED",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-381",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "121258",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "119351",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "116520",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "116554",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4391"
          },
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003894"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "119351"
          },
          {
            "db": "PACKETSTORM",
            "id": "116520"
          },
          {
            "db": "PACKETSTORM",
            "id": "116554"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-381"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3518"
          }
        ]
      },
      "id": "VAR-201208-0158",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4391"
          }
        ],
        "trust": 1.00865386
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4391"
          }
        ]
      },
      "last_update_date": "2025-04-11T22:49:24.324000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "openSUSE-SU-2012:1068",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
          },
          {
            "title": "Tor 0.2.2.38 is released",
            "trust": 0.8,
            "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
          },
          {
            "title": "tor.git / commit - Avoid possible segfault when handling networkstatus vote with bad flavor",
            "trust": 0.8,
            "url": "https://gitweb.torproject.org/tor.git/commit/57e35ad3d91724882c345ac709666a551a977f0f"
          },
          {
            "title": "tor.git / commit - Clarify security impact of bug 6530",
            "trust": 0.8,
            "url": "https://gitweb.torproject.org/tor.git/commit/55f635745afacefffdaafc72cc176ca7ab817546"
          },
          {
            "title": "Ticket #6530",
            "trust": 0.8,
            "url": "https://trac.torproject.org/projects/tor/ticket/6530"
          },
          {
            "title": "Tor uninitialized memory read vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/20311"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4391"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003894"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003894"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3518"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://trac.torproject.org/projects/tor/ticket/6530"
          },
          {
            "trust": 1.6,
            "url": "https://lists.torproject.org/pipermail/tor-announce/2012-august/000086.html"
          },
          {
            "trust": 1.6,
            "url": "https://gitweb.torproject.org/tor.git/commit/57e35ad3d91724882c345ac709666a551a977f0f"
          },
          {
            "trust": 1.6,
            "url": "https://gitweb.torproject.org/tor.git/commit/55f635745afacefffdaafc72cc176ca7ab817546"
          },
          {
            "trust": 1.6,
            "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
          },
          {
            "trust": 1.1,
            "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/50583"
          },
          {
            "trust": 1.0,
            "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3518"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3518"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=849949http"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/55128"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/20408"
          },
          {
            "trust": 0.3,
            "url": "http://marc.info/?l=oss-security\u0026m=134555757608675\u0026w=2"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3519"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4419"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3518"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3517"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5573"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2769"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2768"
          },
          {
            "trust": 0.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgasa-2012-0276"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/"
          },
          {
            "trust": 0.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgaa-2012-0184"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/advisories/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2768"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5573"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3519"
          },
          {
            "trust": 0.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgasa-2012-0356"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2769"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4419"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3517"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4922"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3517"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5573"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3519"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4922"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3518"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4419"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50583"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/50583/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/50583/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/blog/325/"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/2012/dsa-2548"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4391"
          },
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003894"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "119351"
          },
          {
            "db": "PACKETSTORM",
            "id": "116520"
          },
          {
            "db": "PACKETSTORM",
            "id": "116554"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-381"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3518"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4391"
          },
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003894"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "119351"
          },
          {
            "db": "PACKETSTORM",
            "id": "116520"
          },
          {
            "db": "PACKETSTORM",
            "id": "116554"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-381"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3518"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-08-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-4391"
          },
          {
            "date": "2012-08-21T00:00:00",
            "db": "BID",
            "id": "55128"
          },
          {
            "date": "2012-08-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003894"
          },
          {
            "date": "2013-04-11T02:39:54",
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "date": "2013-01-09T02:25:38",
            "db": "PACKETSTORM",
            "id": "119351"
          },
          {
            "date": "2012-09-14T01:52:39",
            "db": "PACKETSTORM",
            "id": "116520"
          },
          {
            "date": "2012-09-14T04:04:24",
            "db": "PACKETSTORM",
            "id": "116554"
          },
          {
            "date": "2012-08-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201208-381"
          },
          {
            "date": "2012-08-26T03:17:44.090000",
            "db": "NVD",
            "id": "CVE-2012-3518"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-08-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-4391"
          },
          {
            "date": "2015-04-13T21:39:00",
            "db": "BID",
            "id": "55128"
          },
          {
            "date": "2012-10-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003894"
          },
          {
            "date": "2012-08-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201208-381"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2012-3518"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-381"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor of  routerparse.c Service disruption in  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003894"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-381"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201112-0312

    Vulnerability from variot - Updated: 2025-04-11 22:49

    Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE and CREATE_FAST values in the Command field of a cell within an OR connection that it initiated, which allows remote relays to enumerate bridges by using these values. Tor (The Onion Router) is an implementation of the second generation of onion routing, which allows users to communicate anonymously over the Internet. Tor has security holes in its implementation that can be exploited by malicious users to disclose sensitive information. This vulnerability is caused by the client reusing a TLS certificate on some connections. Simulate a user's detection of multiple protection relays by using a user certificate identification key to determine the connection status of the user. Tor is prone to a remote information-disclosure vulnerability and a bridge enumeration weakness. Exploits will allow attackers to obtain sensitive information that can help them launch further attacks. Versions prior to Tor 0.2.2.34 are vulnerable. ----------------------------------------------------------------------

    Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool.

    Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/


    TITLE: Tor TLS Certificate Reuse User De-Anonymisation Security Issue

    SECUNIA ADVISORY ID: SA46634

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46634/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46634

    RELEASE DATE: 2011-10-28

    DISCUSS ADVISORY: http://secunia.com/advisories/46634/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/46634/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=46634

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: A security issue has been reported in Tor, which can be exploited by malicious people to disclose potentially sensitive information. This can be exploited to e.g. fingerprint and de-anonymise a user by e.g.

    Note: Additionally, enhancement have been made to protect against bridge enumeration attacks.

    SOLUTION: Update to version 0.2.2.34.

    PROVIDED AND/OR DISCOVERED BY: The vendor credits frosty_un.

    ORIGINAL ADVISORY: https://blog.torproject.org/blog/tor-02234-released-security-patches

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    .

    Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests (CVE-2012-3517).

    The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document (CVE-2012-3518).

    routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack (CVE-2012-3519).

    The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison (CVE-2012-4419).

    Tor before 0.2.2.39, when waiting for a client to renegotiate, allowed it to add bytes to the input buffer, allowing a crash to be caused remotely (tor-5934, tor-6007).

    Denial of Service vulnerability in Tor before 0.2.3.25, due to an error when handling SENDME cells and can be exploited to cause excessive consumption of memory resources within an entry node (SA51329, CVE-2012-5573).

    The version of Tor shipped in MBS1 did not have correctly formed systemd unit and thus failed to start.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2768 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2769 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3517 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3518 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3519 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5573 https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0184 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0276 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0356


    Updated Packages:

    Mandriva Business Server 1/X86_64: 8cadc920e4452cd2a3551a3cb01d9fcf mbs1/x86_64/tor-0.2.2.39-1.mbs1.x86_64.rpm 7cbba7170bc4f9e6ee8409398437570c mbs1/SRPMS/tor-0.2.2.39-1.mbs1.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


    Debian Security Advisory DSA-2331-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff October 28, 2011 http://www.debian.org/security/faq


    Package : tor Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2011-2768 CVE-2011-2769

    It has been discovered by "frosty_un" that a design flaw in Tor, an online privacy tool, allows malicious relay servers to learn certain information that they should not be able to learn. In combination with other attacks, this issue can lead to deanonymizing the user. The Common Vulnerabilities and Exposures project has assigned CVE-2011-2768 to this issue.

    In addition to fixing the above mentioned issues, the updates to oldstable and stable fix a number of less critical issues (CVE-2011-2769). Please see this posting from the Tor blog for more information: https://blog.torproject.org/blog/tor-02234-released-security-patches

    For the oldstable distribution (lenny), this problem has been fixed in version 0.2.1.31-1~lenny+1. Due to technical limitations in the Debian archive scripts, the update cannot be released synchronously with the packages for stable. It will be released shortly.

    For the stable distribution (squeeze), this problem has been fixed in version 0.2.1.31-1.

    For the unstable and testing distributions, this problem has been fixed in version 0.2.2.34-1.

    For the experimental distribution, this problem have has fixed in version 0.2.3.6-alpha-1.

    We recommend that you upgrade your tor packages.

    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)

    iEYEARECAAYFAk6q1UIACgkQXm3vHE4uylrH1ACg6Y7x6by9MtC6d2whbYQvf0sV qdgAoM3IeWEe985DCPmvdBDHmEQBDzpk =HWr2 -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-12


                                            http://security.gentoo.org/
    

    Severity: Normal Title: Tor: Multiple vulnerabilities Date: January 23, 2012 Bugs: #388769, #394969 ID: 201201-12


    Synopsis

    Multiple vulnerabilities have been found in Tor, the most severe of which may allow a remote attacker to execute arbitrary code. * When configured as a bridge, Tor relays can distinguish incoming bridge connections from client connections (CVE-2011-2769). * An error in or/buffers.c could result in a heap-based buffer overflow (CVE-2011-2778).

    Impact

    A remote attacker could possibly execute arbitrary code or cause a Denial of Service.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Tor users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.2.35"

    References

    [ 1 ] CVE-2011-2768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2768 [ 2 ] CVE-2011-2769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2769 [ 3 ] CVE-2011-2778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2778

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201201-12.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201112-0312",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.14"
          },
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.19"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.34"
          },
          {
            "model": "\u003c0.2.2.20-alpha",
            "scope": null,
            "trust": 0.6,
            "vendor": "tor",
            "version": null
          },
          {
            "model": ".21-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".20-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".19-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".18-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".17-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".16-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".15-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".14-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.214"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.123"
          },
          {
            "model": ".5-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".4-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".3-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".2-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".1-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.118"
          },
          {
            "model": "alpha-cvs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1x8664"
          },
          {
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2.34"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "db": "BID",
            "id": "50414"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003513"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2769"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003513"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "frosty_un",
        "sources": [
          {
            "db": "BID",
            "id": "50414"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-701"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2011-2769",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2011-2769",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2011-5558",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-2769",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-2769",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2011-5558",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201110-701",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-701"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2769"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE and CREATE_FAST values in the Command field of a cell within an OR connection that it initiated, which allows remote relays to enumerate bridges by using these values. Tor (The Onion Router) is an implementation of the second generation of onion routing, which allows users to communicate anonymously over the Internet. Tor has security holes in its implementation that can be exploited by malicious users to disclose sensitive information. This vulnerability is caused by the client reusing a TLS certificate on some connections. Simulate a user\u0027s detection of multiple protection relays by using a user certificate identification key to determine the connection status of the user. Tor is prone to a remote information-disclosure vulnerability and a bridge enumeration weakness. \nExploits will allow attackers to obtain sensitive information that can help them launch further attacks. \nVersions prior to Tor 0.2.2.34 are vulnerable. ----------------------------------------------------------------------\n\nOvum says ad hoc tools are out-dated. The best practice approach?\nFast vulnerability intelligence, threat handling, and setup in one tool. \n\nRead the new report on the Secunia VIM:\nhttp://secunia.com/products/corporate/vim/ovum_2011_request/ \n\n----------------------------------------------------------------------\n\nTITLE:\nTor TLS Certificate Reuse User De-Anonymisation Security Issue\n\nSECUNIA ADVISORY ID:\nSA46634\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/46634/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46634\n\nRELEASE DATE:\n2011-10-28\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/46634/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/46634/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46634\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA security issue has been reported in Tor, which can be exploited by\nmalicious people to disclose potentially sensitive information. This can be exploited to e.g. \nfingerprint and de-anonymise a user by e.g. \n\nNote: Additionally, enhancement have been made to protect against\nbridge enumeration attacks. \n\nSOLUTION:\nUpdate to version 0.2.2.34. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits frosty_un. \n\nORIGINAL ADVISORY:\nhttps://blog.torproject.org/blog/tor-02234-released-security-patches\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n \n Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might\n allow remote attackers to cause a denial of service (daemon crash)\n via vectors related to failed DNS requests (CVE-2012-3517). \n \n The networkstatus_parse_vote_from_string function in routerparse.c\n in Tor before 0.2.2.38 does not properly handle an invalid flavor\n name, which allows remote attackers to cause a denial of service\n (out-of-bounds read and daemon crash) via a crafted (1) vote document\n or (2) consensus document (CVE-2012-3518). \n \n routerlist.c in Tor before 0.2.2.38 uses a different amount of time\n for relay-list iteration depending on which relay is chosen, which\n might allow remote attackers to obtain sensitive information about\n relay selection via a timing side-channel attack (CVE-2012-3519). \n \n The compare_tor_addr_to_addr_policy function in or/policies.c in\n Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote\n attackers to cause a denial of service (assertion failure and daemon\n exit) via a zero-valued port field that is not properly handled during\n policy comparison (CVE-2012-4419). \n \n Tor before 0.2.2.39, when waiting for a client to renegotiate, allowed\n it to add bytes to the input buffer, allowing a crash to be caused\n remotely (tor-5934, tor-6007). \n \n Denial of Service vulnerability in Tor before 0.2.3.25, due to an\n error when handling SENDME cells and can be exploited to cause\n excessive consumption of memory resources within an entry node\n (SA51329, CVE-2012-5573). \n \n The version of Tor shipped in MBS1 did not have correctly formed\n systemd unit and thus failed to start. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2768\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2769\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3517\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3518\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3519\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4419\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5573\n https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0184\n https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0276\n https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0356\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 8cadc920e4452cd2a3551a3cb01d9fcf  mbs1/x86_64/tor-0.2.2.39-1.mbs1.x86_64.rpm \n 7cbba7170bc4f9e6ee8409398437570c  mbs1/SRPMS/tor-0.2.2.39-1.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA-2331-1                   security@debian.org\nhttp://www.debian.org/security/                        Moritz Muehlenhoff\nOctober 28, 2011                       http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage        : tor\nVulnerability  : several\nProblem type   : remote\nDebian-specific: no\nCVE ID         : CVE-2011-2768 CVE-2011-2769 \n\nIt has been discovered by \"frosty_un\" that a design flaw in Tor, an online\nprivacy tool, allows malicious relay servers to learn certain information\nthat they should not be able to learn. In combination with other attacks, this issue \ncan lead to deanonymizing the user.  The Common Vulnerabilities and \nExposures project has assigned CVE-2011-2768 to this issue. \n\nIn addition to fixing the above mentioned issues, the updates to oldstable\nand stable fix a number of less critical issues (CVE-2011-2769). Please \nsee this posting from the Tor blog for more information:\nhttps://blog.torproject.org/blog/tor-02234-released-security-patches\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 0.2.1.31-1~lenny+1. Due to technical limitations in the Debian\narchive scripts, the update cannot be released synchronously with the\npackages for stable. It will be released shortly. \n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.2.1.31-1. \n\nFor the unstable and testing distributions, this problem has been fixed in\nversion 0.2.2.34-1. \n\nFor the experimental distribution, this problem have has fixed in version\n0.2.3.6-alpha-1. \n\nWe recommend that you upgrade your tor packages. \n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niEYEARECAAYFAk6q1UIACgkQXm3vHE4uylrH1ACg6Y7x6by9MtC6d2whbYQvf0sV\nqdgAoM3IeWEe985DCPmvdBDHmEQBDzpk\n=HWr2\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201201-12\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Tor: Multiple vulnerabilities\n     Date: January 23, 2012\n     Bugs: #388769, #394969\n       ID: 201201-12\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Tor, the most severe of\nwhich may allow a remote attacker to execute arbitrary code. \n* When configured as a bridge, Tor relays can distinguish incoming\n  bridge connections from client connections (CVE-2011-2769). \n* An error in or/buffers.c could result in a heap-based buffer overflow\n  (CVE-2011-2778). \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code or cause a\nDenial of Service. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Tor users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-misc/tor-0.2.2.35\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-2768\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2768\n[ 2 ] CVE-2011-2769\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2769\n[ 3 ] CVE-2011-2778\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2778\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-12.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-2769"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003513"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "db": "BID",
            "id": "50414"
          },
          {
            "db": "PACKETSTORM",
            "id": "106334"
          },
          {
            "db": "PACKETSTORM",
            "id": "106460"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "106343"
          },
          {
            "db": "PACKETSTORM",
            "id": "108997"
          }
        ],
        "trust": 2.88
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-2769",
            "trust": 3.6
          },
          {
            "db": "BID",
            "id": "50414",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003513",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "46634",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "46640",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "18089",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-701",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "106334",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "106460",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "121258",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "106343",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "108997",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "db": "BID",
            "id": "50414"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003513"
          },
          {
            "db": "PACKETSTORM",
            "id": "106334"
          },
          {
            "db": "PACKETSTORM",
            "id": "106460"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "106343"
          },
          {
            "db": "PACKETSTORM",
            "id": "108997"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-701"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2769"
          }
        ]
      },
      "id": "VAR-201112-0312",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          }
        ],
        "trust": 1.0743589866666665
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          }
        ]
      },
      "last_update_date": "2025-04-11T22:49:24.223000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Tor 0.2.2.34 is released (security patches)",
            "trust": 0.8,
            "url": "https://blog.torproject.org/blog/tor-02234-released-security-patches"
          },
          {
            "title": "Tor Directory Remote Information Disclosure Bridge Enumeration Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/35276"
          },
          {
            "title": "Tor Repair measures for information disclosure vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=172249"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-701"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003513"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2769"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://blog.torproject.org/blog/tor-02234-released-security-patches"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2011/dsa-2331"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2769"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2769"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/50414/info"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/46634"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/46640"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/50414"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/18089"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2768"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2769"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/products/corporate/vim/ovum_2011_request/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/46634/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/46634/#comments"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46634"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/46640/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46640"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/46640/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3518"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2768"
          },
          {
            "trust": 0.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgasa-2012-0276"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3519"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4419"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3517"
          },
          {
            "trust": 0.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgaa-2012-0184"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/advisories/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3518"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5573"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3519"
          },
          {
            "trust": 0.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgasa-2012-0356"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4419"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3517"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5573"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2778"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201201-12.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2769"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2778"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2768"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "db": "BID",
            "id": "50414"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003513"
          },
          {
            "db": "PACKETSTORM",
            "id": "106334"
          },
          {
            "db": "PACKETSTORM",
            "id": "106460"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "106343"
          },
          {
            "db": "PACKETSTORM",
            "id": "108997"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-701"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2769"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "db": "BID",
            "id": "50414"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003513"
          },
          {
            "db": "PACKETSTORM",
            "id": "106334"
          },
          {
            "db": "PACKETSTORM",
            "id": "106460"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "106343"
          },
          {
            "db": "PACKETSTORM",
            "id": "108997"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-701"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2769"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-10-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "date": "2011-10-28T00:00:00",
            "db": "BID",
            "id": "50414"
          },
          {
            "date": "2011-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-003513"
          },
          {
            "date": "2011-10-28T12:05:57",
            "db": "PACKETSTORM",
            "id": "106334"
          },
          {
            "date": "2011-11-01T07:54:34",
            "db": "PACKETSTORM",
            "id": "106460"
          },
          {
            "date": "2013-04-11T02:39:54",
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "date": "2011-10-28T21:21:09",
            "db": "PACKETSTORM",
            "id": "106343"
          },
          {
            "date": "2012-01-24T04:16:55",
            "db": "PACKETSTORM",
            "id": "108997"
          },
          {
            "date": "1900-01-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201110-701"
          },
          {
            "date": "2011-12-23T03:59:21.990000",
            "db": "NVD",
            "id": "CVE-2011-2769"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-10-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "date": "2015-05-07T17:17:00",
            "db": "BID",
            "id": "50414"
          },
          {
            "date": "2011-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-003513"
          },
          {
            "date": "2021-12-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201110-701"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-2769"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "108997"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-701"
          }
        ],
        "trust": 0.8
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor Enumerated bridge vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003513"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-701"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201208-0157

    Vulnerability from variot - Updated: 2025-04-11 22:49

    Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests. Tor (The Onion Router) is an implementation of the second generation of onion routing, which allows users to communicate anonymously over the Internet. Tor has a remote vulnerability in its implementation. Multiple denial-of-service vulnerabilities. 2. An information-disclosure vulnerability. 3. An out-of-bounds memory-access vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


    Mandriva Linux Security Advisory MDVSA-2013:132 http://www.mandriva.com/en/support/security/


    Package : tor Date : April 10, 2013 Affected: Business Server 1.0


    Problem Description:

    Updated tor package fixes security vulnerabilities:

    Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had selected (CVE-2011-2768).

    Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE and CREATE_FAST values in the Command field of a cell within an OR connection that it initiated, which allows remote relays to enumerate bridges by using these values (CVE-2011-2769).

    routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack (CVE-2012-3519).

    Tor before 0.2.2.39, when waiting for a client to renegotiate, allowed it to add bytes to the input buffer, allowing a crash to be caused remotely (tor-5934, tor-6007).

    The version of Tor shipped in MBS1 did not have correctly formed systemd unit and thus failed to start.

    This updated version corrects this problem and restores working behaviour.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2768 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2769 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3517 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3518 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3519 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5573 https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0184 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0276 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0356


    Updated Packages:

    Mandriva Business Server 1/X86_64: 8cadc920e4452cd2a3551a3cb01d9fcf mbs1/x86_64/tor-0.2.2.39-1.mbs1.x86_64.rpm 7cbba7170bc4f9e6ee8409398437570c mbs1/SRPMS/tor-0.2.2.39-1.mbs1.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/en/support/security/advisories/

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)

    iD8DBQFRZVsDmqjQ0CJFipgRAm9IAJ9tYUVrI7u2V+7yJGNLn2OVMdOzcACgyrhf PUIroe88x4NDpj7AUyd2YP8= =x4YG -----END PGP SIGNATURE-----

    . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201301-03


                                            http://security.gentoo.org/
    

    Severity: Normal Title: Tor: Multiple vulnerabilities Date: January 08, 2013 Bugs: #432188, #434882, #444804 ID: 201301-03


    Synopsis

    Multiple vulnerabilities have been found in Tor, allowing attackers to cause Denial of Service or obtain sensitive information. Please review the CVE identifiers referenced below for details.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Tor users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.3.25"

    References

    [ 1 ] CVE-2012-3517 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3517 [ 2 ] CVE-2012-3518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3518 [ 3 ] CVE-2012-3519 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3519 [ 4 ] CVE-2012-4419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4419 [ 5 ] CVE-2012-4922 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4922 [ 6 ] CVE-2012-5573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5573

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201301-03.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201208-0157",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.37"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.2.37"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.38"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.x"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.225"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.224"
          },
          {
            "model": ".21-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".20-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".19-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".18-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".17-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".16-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".15-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".14-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2.34"
          },
          {
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1x8664"
          },
          {
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2.38"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4470"
          },
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003893"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-380"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3517"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003893"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Arma, Asn, and Nickm",
        "sources": [
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-380"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2012-3517",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2012-3517",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2012-3517",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2012-3517",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201208-380",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003893"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-380"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3517"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests. Tor (The Onion Router) is an implementation of the second generation of onion routing, which allows users to communicate anonymously over the Internet. Tor has a remote vulnerability in its implementation. Multiple denial-of-service vulnerabilities. \n2. An information-disclosure vulnerability. \n3. An out-of-bounds memory-access vulnerability. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory                         MDVSA-2013:132\n http://www.mandriva.com/en/support/security/\n _______________________________________________________________________\n\n Package : tor\n Date    : April 10, 2013\n Affected: Business Server 1.0\n _______________________________________________________________________\n\n Problem Description:\n\n Updated tor package fixes security vulnerabilities:\n \n Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS\n certificate chain as part of an outgoing OR connection, which allows\n remote relays to bypass intended anonymity properties by reading this\n chain and then determining the set of entry guards that the client\n or bridge had selected (CVE-2011-2768). \n \n Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE\n and CREATE_FAST values in the Command field of a cell within an OR\n connection that it initiated, which allows remote relays to enumerate\n bridges by using these values (CVE-2011-2769). \n \n routerlist.c in Tor before 0.2.2.38 uses a different amount of time\n for relay-list iteration depending on which relay is chosen, which\n might allow remote attackers to obtain sensitive information about\n relay selection via a timing side-channel attack (CVE-2012-3519). \n \n Tor before 0.2.2.39, when waiting for a client to renegotiate, allowed\n it to add bytes to the input buffer, allowing a crash to be caused\n remotely (tor-5934, tor-6007). \n \n The version of Tor shipped in MBS1 did not have correctly formed\n systemd unit and thus failed to start. \n \n This updated version corrects this problem and restores working\n behaviour. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2768\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2769\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3517\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3518\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3519\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4419\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5573\n https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0184\n https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0276\n https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0356\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 8cadc920e4452cd2a3551a3cb01d9fcf  mbs1/x86_64/tor-0.2.2.39-1.mbs1.x86_64.rpm \n 7cbba7170bc4f9e6ee8409398437570c  mbs1/SRPMS/tor-0.2.2.39-1.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFRZVsDmqjQ0CJFipgRAm9IAJ9tYUVrI7u2V+7yJGNLn2OVMdOzcACgyrhf\nPUIroe88x4NDpj7AUyd2YP8=\n=x4YG\n-----END PGP SIGNATURE-----\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201301-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Tor: Multiple vulnerabilities\n     Date: January 08, 2013\n     Bugs: #432188, #434882, #444804\n       ID: 201301-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Tor, allowing attackers to\ncause Denial of Service or obtain sensitive information. Please review the\nCVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Tor users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-misc/tor-0.2.3.25\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-3517\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3517\n[ 2 ] CVE-2012-3518\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3518\n[ 3 ] CVE-2012-3519\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3519\n[ 4 ] CVE-2012-4419\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4419\n[ 5 ] CVE-2012-4922\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4922\n[ 6 ] CVE-2012-5573\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5573\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201301-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-3517"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003893"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4470"
          },
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "119351"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-3517",
            "trust": 3.5
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2012/08/21/6",
            "trust": 1.6
          },
          {
            "db": "BID",
            "id": "55128",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003893",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4470",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "20408",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OSS-SECURITY] 20120821 RE: CVE REQUEST -- TOR 0.2.2.38: THREE ISSUES",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[TOR-ANNOUNCE] 20120819 TOR 0.2.2.38 IS RELEASED",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-380",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "121258",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "119351",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4470"
          },
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003893"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "119351"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-380"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3517"
          }
        ]
      },
      "id": "VAR-201208-0157",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4470"
          }
        ],
        "trust": 1.00865386
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4470"
          }
        ]
      },
      "last_update_date": "2025-04-11T22:49:24.177000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "openSUSE-SU-2012:1068",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
          },
          {
            "title": "Bug 849949",
            "trust": 0.8,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=849949"
          },
          {
            "title": "Tor 0.2.2.38 is released",
            "trust": 0.8,
            "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
          },
          {
            "title": "tor.git / commit",
            "trust": 0.8,
            "url": "https://gitweb.torproject.org/tor.git/commit/62637fa22405278758febb1743da9af562524d4c"
          },
          {
            "title": "Ticket #6480",
            "trust": 0.8,
            "url": "https://trac.torproject.org/projects/tor/ticket/6480"
          },
          {
            "title": "Tor denies service patch vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/20698"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4470"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003893"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-399",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003893"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3517"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://trac.torproject.org/projects/tor/ticket/6480"
          },
          {
            "trust": 1.6,
            "url": "https://lists.torproject.org/pipermail/tor-announce/2012-august/000086.html"
          },
          {
            "trust": 1.6,
            "url": "https://gitweb.torproject.org/tor.git/commit/62637fa22405278758febb1743da9af562524d4c"
          },
          {
            "trust": 1.6,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=849949"
          },
          {
            "trust": 1.6,
            "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/bid/55128"
          },
          {
            "trust": 1.1,
            "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
          },
          {
            "trust": 1.0,
            "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
          },
          {
            "trust": 1.0,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-september/088006.html"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3517"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3517"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/20408"
          },
          {
            "trust": 0.3,
            "url": "http://marc.info/?l=oss-security\u0026m=134555757608675\u0026w=2"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3519"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4419"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3517"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3518"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5573"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2769"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3518"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2768"
          },
          {
            "trust": 0.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgasa-2012-0276"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/"
          },
          {
            "trust": 0.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgaa-2012-0184"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/advisories/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2768"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5573"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3519"
          },
          {
            "trust": 0.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgasa-2012-0356"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2769"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4419"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4922"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3517"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5573"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3519"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4922"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3518"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4419"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4470"
          },
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003893"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "119351"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-380"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3517"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4470"
          },
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003893"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "119351"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-380"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3517"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-08-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-4470"
          },
          {
            "date": "2012-08-21T00:00:00",
            "db": "BID",
            "id": "55128"
          },
          {
            "date": "2012-08-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003893"
          },
          {
            "date": "2013-04-11T02:39:54",
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "date": "2013-01-09T02:25:38",
            "db": "PACKETSTORM",
            "id": "119351"
          },
          {
            "date": "2012-08-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201208-380"
          },
          {
            "date": "2012-08-26T03:17:44.043000",
            "db": "NVD",
            "id": "CVE-2012-3517"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-08-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-4470"
          },
          {
            "date": "2015-04-13T21:39:00",
            "db": "BID",
            "id": "55128"
          },
          {
            "date": "2012-10-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003893"
          },
          {
            "date": "2012-08-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201208-380"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2012-3517"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-380"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor of  dns.c Denial of service in Japan  ( Daemon crash ) Vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003893"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-380"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201112-0077

    Vulnerability from variot - Updated: 2025-04-11 22:49

    Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had selected. Tor (The Onion Router) is an implementation of the second generation of onion routing, which allows users to communicate anonymously over the Internet. Tor has security holes in its implementation that can be exploited by malicious users to disclose sensitive information. This vulnerability is caused by the client reusing a TLS certificate on some connections. Simulate a user's detection of multiple protection relays by using a user certificate identification key to determine the connection status of the user. Tor is prone to a remote information-disclosure vulnerability and a bridge enumeration weakness. Exploits will allow attackers to obtain sensitive information that can help them launch further attacks. Versions prior to Tor 0.2.2.34 are vulnerable. ----------------------------------------------------------------------

    Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool.

    Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/


    TITLE: Tor TLS Certificate Reuse User De-Anonymisation Security Issue

    SECUNIA ADVISORY ID: SA46634

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46634/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46634

    RELEASE DATE: 2011-10-28

    DISCUSS ADVISORY: http://secunia.com/advisories/46634/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/46634/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=46634

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: A security issue has been reported in Tor, which can be exploited by malicious people to disclose potentially sensitive information. This can be exploited to e.g. fingerprint and de-anonymise a user by e.g.

    Note: Additionally, enhancement have been made to protect against bridge enumeration attacks.

    SOLUTION: Update to version 0.2.2.34.

    PROVIDED AND/OR DISCOVERED BY: The vendor credits frosty_un.

    ORIGINAL ADVISORY: https://blog.torproject.org/blog/tor-02234-released-security-patches

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    .

    Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests (CVE-2012-3517).

    The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document (CVE-2012-3518).

    routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack (CVE-2012-3519).

    The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison (CVE-2012-4419).

    Tor before 0.2.2.39, when waiting for a client to renegotiate, allowed it to add bytes to the input buffer, allowing a crash to be caused remotely (tor-5934, tor-6007).

    Denial of Service vulnerability in Tor before 0.2.3.25, due to an error when handling SENDME cells and can be exploited to cause excessive consumption of memory resources within an entry node (SA51329, CVE-2012-5573).

    The version of Tor shipped in MBS1 did not have correctly formed systemd unit and thus failed to start.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2768 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2769 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3517 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3518 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3519 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5573 https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0184 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0276 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0356


    Updated Packages:

    Mandriva Business Server 1/X86_64: 8cadc920e4452cd2a3551a3cb01d9fcf mbs1/x86_64/tor-0.2.2.39-1.mbs1.x86_64.rpm 7cbba7170bc4f9e6ee8409398437570c mbs1/SRPMS/tor-0.2.2.39-1.mbs1.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


    Debian Security Advisory DSA-2331-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff October 28, 2011 http://www.debian.org/security/faq


    Package : tor Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2011-2768 CVE-2011-2769

    It has been discovered by "frosty_un" that a design flaw in Tor, an online privacy tool, allows malicious relay servers to learn certain information that they should not be able to learn. In combination with other attacks, this issue can lead to deanonymizing the user. The Common Vulnerabilities and Exposures project has assigned CVE-2011-2768 to this issue.

    In addition to fixing the above mentioned issues, the updates to oldstable and stable fix a number of less critical issues (CVE-2011-2769). Please see this posting from the Tor blog for more information: https://blog.torproject.org/blog/tor-02234-released-security-patches

    For the oldstable distribution (lenny), this problem has been fixed in version 0.2.1.31-1~lenny+1. Due to technical limitations in the Debian archive scripts, the update cannot be released synchronously with the packages for stable. It will be released shortly.

    For the stable distribution (squeeze), this problem has been fixed in version 0.2.1.31-1.

    For the unstable and testing distributions, this problem has been fixed in version 0.2.2.34-1.

    For the experimental distribution, this problem have has fixed in version 0.2.3.6-alpha-1.

    We recommend that you upgrade your tor packages.

    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)

    iEYEARECAAYFAk6q1UIACgkQXm3vHE4uylrH1ACg6Y7x6by9MtC6d2whbYQvf0sV qdgAoM3IeWEe985DCPmvdBDHmEQBDzpk =HWr2 -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-12


                                            http://security.gentoo.org/
    

    Severity: Normal Title: Tor: Multiple vulnerabilities Date: January 23, 2012 Bugs: #388769, #394969 ID: 201201-12


    Synopsis

    Multiple vulnerabilities have been found in Tor, the most severe of which may allow a remote attacker to execute arbitrary code. * An error in or/buffers.c could result in a heap-based buffer overflow (CVE-2011-2778).

    Impact

    A remote attacker could possibly execute arbitrary code or cause a Denial of Service.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Tor users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.2.35"

    References

    [ 1 ] CVE-2011-2768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2768 [ 2 ] CVE-2011-2769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2769 [ 3 ] CVE-2011-2778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2778

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201201-12.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201112-0077",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.28"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.14"
          },
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.29"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.19"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.34"
          },
          {
            "model": "\u003c0.2.2.20-alpha",
            "scope": null,
            "trust": 0.6,
            "vendor": "tor",
            "version": null
          },
          {
            "model": ".21-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".20-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".19-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".18-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".17-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".16-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".15-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".14-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.214"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.123"
          },
          {
            "model": ".5-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".4-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".3-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".2-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".1-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.118"
          },
          {
            "model": "alpha-cvs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1x8664"
          },
          {
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2.34"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "db": "BID",
            "id": "50414"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003512"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2768"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003512"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "frosty_un",
        "sources": [
          {
            "db": "BID",
            "id": "50414"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-700"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2011-2768",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2011-2768",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2011-5558",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-2768",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-2768",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2011-5558",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201110-700",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-700"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2768"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had selected. Tor (The Onion Router) is an implementation of the second generation of onion routing, which allows users to communicate anonymously over the Internet. Tor has security holes in its implementation that can be exploited by malicious users to disclose sensitive information. This vulnerability is caused by the client reusing a TLS certificate on some connections. Simulate a user\u0027s detection of multiple protection relays by using a user certificate identification key to determine the connection status of the user. Tor is prone to a remote information-disclosure vulnerability and a bridge enumeration weakness. \nExploits will allow attackers to obtain sensitive information that can help them launch further attacks. \nVersions prior to Tor 0.2.2.34 are vulnerable. ----------------------------------------------------------------------\n\nOvum says ad hoc tools are out-dated. The best practice approach?\nFast vulnerability intelligence, threat handling, and setup in one tool. \n\nRead the new report on the Secunia VIM:\nhttp://secunia.com/products/corporate/vim/ovum_2011_request/ \n\n----------------------------------------------------------------------\n\nTITLE:\nTor TLS Certificate Reuse User De-Anonymisation Security Issue\n\nSECUNIA ADVISORY ID:\nSA46634\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/46634/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46634\n\nRELEASE DATE:\n2011-10-28\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/46634/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/46634/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46634\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA security issue has been reported in Tor, which can be exploited by\nmalicious people to disclose potentially sensitive information. This can be exploited to e.g. \nfingerprint and de-anonymise a user by e.g. \n\nNote: Additionally, enhancement have been made to protect against\nbridge enumeration attacks. \n\nSOLUTION:\nUpdate to version 0.2.2.34. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits frosty_un. \n\nORIGINAL ADVISORY:\nhttps://blog.torproject.org/blog/tor-02234-released-security-patches\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n \n Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might\n allow remote attackers to cause a denial of service (daemon crash)\n via vectors related to failed DNS requests (CVE-2012-3517). \n \n The networkstatus_parse_vote_from_string function in routerparse.c\n in Tor before 0.2.2.38 does not properly handle an invalid flavor\n name, which allows remote attackers to cause a denial of service\n (out-of-bounds read and daemon crash) via a crafted (1) vote document\n or (2) consensus document (CVE-2012-3518). \n \n routerlist.c in Tor before 0.2.2.38 uses a different amount of time\n for relay-list iteration depending on which relay is chosen, which\n might allow remote attackers to obtain sensitive information about\n relay selection via a timing side-channel attack (CVE-2012-3519). \n \n The compare_tor_addr_to_addr_policy function in or/policies.c in\n Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote\n attackers to cause a denial of service (assertion failure and daemon\n exit) via a zero-valued port field that is not properly handled during\n policy comparison (CVE-2012-4419). \n \n Tor before 0.2.2.39, when waiting for a client to renegotiate, allowed\n it to add bytes to the input buffer, allowing a crash to be caused\n remotely (tor-5934, tor-6007). \n \n Denial of Service vulnerability in Tor before 0.2.3.25, due to an\n error when handling SENDME cells and can be exploited to cause\n excessive consumption of memory resources within an entry node\n (SA51329, CVE-2012-5573). \n \n The version of Tor shipped in MBS1 did not have correctly formed\n systemd unit and thus failed to start. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2768\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2769\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3517\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3518\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3519\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4419\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5573\n https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0184\n https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0276\n https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0356\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 8cadc920e4452cd2a3551a3cb01d9fcf  mbs1/x86_64/tor-0.2.2.39-1.mbs1.x86_64.rpm \n 7cbba7170bc4f9e6ee8409398437570c  mbs1/SRPMS/tor-0.2.2.39-1.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA-2331-1                   security@debian.org\nhttp://www.debian.org/security/                        Moritz Muehlenhoff\nOctober 28, 2011                       http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage        : tor\nVulnerability  : several\nProblem type   : remote\nDebian-specific: no\nCVE ID         : CVE-2011-2768 CVE-2011-2769 \n\nIt has been discovered by \"frosty_un\" that a design flaw in Tor, an online\nprivacy tool, allows malicious relay servers to learn certain information\nthat they should not be able to learn. In combination with other attacks, this issue \ncan lead to deanonymizing the user.  The Common Vulnerabilities and \nExposures project has assigned CVE-2011-2768 to this issue. \n\nIn addition to fixing the above mentioned issues, the updates to oldstable\nand stable fix a number of less critical issues (CVE-2011-2769). Please \nsee this posting from the Tor blog for more information:\nhttps://blog.torproject.org/blog/tor-02234-released-security-patches\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 0.2.1.31-1~lenny+1. Due to technical limitations in the Debian\narchive scripts, the update cannot be released synchronously with the\npackages for stable. It will be released shortly. \n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.2.1.31-1. \n\nFor the unstable and testing distributions, this problem has been fixed in\nversion 0.2.2.34-1. \n\nFor the experimental distribution, this problem have has fixed in version\n0.2.3.6-alpha-1. \n\nWe recommend that you upgrade your tor packages. \n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niEYEARECAAYFAk6q1UIACgkQXm3vHE4uylrH1ACg6Y7x6by9MtC6d2whbYQvf0sV\nqdgAoM3IeWEe985DCPmvdBDHmEQBDzpk\n=HWr2\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201201-12\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Tor: Multiple vulnerabilities\n     Date: January 23, 2012\n     Bugs: #388769, #394969\n       ID: 201201-12\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Tor, the most severe of\nwhich may allow a remote attacker to execute arbitrary code. \n* An error in or/buffers.c could result in a heap-based buffer overflow\n  (CVE-2011-2778). \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code or cause a\nDenial of Service. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Tor users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-misc/tor-0.2.2.35\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-2768\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2768\n[ 2 ] CVE-2011-2769\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2769\n[ 3 ] CVE-2011-2778\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2778\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-12.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-2768"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003512"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "db": "BID",
            "id": "50414"
          },
          {
            "db": "PACKETSTORM",
            "id": "106334"
          },
          {
            "db": "PACKETSTORM",
            "id": "106460"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "106343"
          },
          {
            "db": "PACKETSTORM",
            "id": "108997"
          }
        ],
        "trust": 2.88
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-2768",
            "trust": 3.6
          },
          {
            "db": "BID",
            "id": "50414",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003512",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "46634",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "46640",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "18089",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-700",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "106334",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "106460",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "121258",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "106343",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "108997",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "db": "BID",
            "id": "50414"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003512"
          },
          {
            "db": "PACKETSTORM",
            "id": "106334"
          },
          {
            "db": "PACKETSTORM",
            "id": "106460"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "106343"
          },
          {
            "db": "PACKETSTORM",
            "id": "108997"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-700"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2768"
          }
        ]
      },
      "id": "VAR-201112-0077",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          }
        ],
        "trust": 1.0743589866666665
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          }
        ]
      },
      "last_update_date": "2025-04-11T22:49:24.116000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Tor 0.2.2.34 is released (security patches)",
            "trust": 0.8,
            "url": "https://blog.torproject.org/blog/tor-02234-released-security-patches"
          },
          {
            "title": "Tor Directory Remote Information Disclosure Bridge Enumeration Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/35276"
          },
          {
            "title": "Tor Fixes for permissions and access control issues vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=172248"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-700"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-264",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003512"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2768"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "https://blog.torproject.org/blog/tor-02234-released-security-patches"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2011/dsa-2331"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2768"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2768"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/50414/info"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/46634"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/46640"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/50414"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/18089"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2768"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2769"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/products/corporate/vim/ovum_2011_request/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/46634/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/46634/#comments"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46634"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/46640/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46640"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/46640/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2769"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3518"
          },
          {
            "trust": 0.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgasa-2012-0276"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3519"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4419"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3517"
          },
          {
            "trust": 0.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgaa-2012-0184"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/advisories/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3518"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5573"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3519"
          },
          {
            "trust": 0.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgasa-2012-0356"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4419"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3517"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5573"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2778"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201201-12.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2769"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2778"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2768"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "db": "BID",
            "id": "50414"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003512"
          },
          {
            "db": "PACKETSTORM",
            "id": "106334"
          },
          {
            "db": "PACKETSTORM",
            "id": "106460"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "106343"
          },
          {
            "db": "PACKETSTORM",
            "id": "108997"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-700"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2768"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "db": "BID",
            "id": "50414"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003512"
          },
          {
            "db": "PACKETSTORM",
            "id": "106334"
          },
          {
            "db": "PACKETSTORM",
            "id": "106460"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "106343"
          },
          {
            "db": "PACKETSTORM",
            "id": "108997"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-700"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2768"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-10-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "date": "2011-10-28T00:00:00",
            "db": "BID",
            "id": "50414"
          },
          {
            "date": "2011-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-003512"
          },
          {
            "date": "2011-10-28T12:05:57",
            "db": "PACKETSTORM",
            "id": "106334"
          },
          {
            "date": "2011-11-01T07:54:34",
            "db": "PACKETSTORM",
            "id": "106460"
          },
          {
            "date": "2013-04-11T02:39:54",
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "date": "2011-10-28T21:21:09",
            "db": "PACKETSTORM",
            "id": "106343"
          },
          {
            "date": "2012-01-24T04:16:55",
            "db": "PACKETSTORM",
            "id": "108997"
          },
          {
            "date": "1900-01-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201110-700"
          },
          {
            "date": "2011-12-23T03:59:21.957000",
            "db": "NVD",
            "id": "CVE-2011-2768"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-10-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-5558"
          },
          {
            "date": "2015-05-07T17:17:00",
            "db": "BID",
            "id": "50414"
          },
          {
            "date": "2011-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-003512"
          },
          {
            "date": "2021-12-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201110-700"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-2768"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "108997"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-700"
          }
        ],
        "trust": 0.8
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor Vulnerable to anonymization property disabled",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003512"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "permissions and access control issues",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-700"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201208-0159

    Vulnerability from variot - Updated: 2025-04-11 22:49

    routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack. Tor (The Onion Router) is an implementation of the second generation of onion routing, which allows users to communicate anonymously over the Internet. Tor has a remote vulnerability in its implementation. Attackers can exploit vulnerabilities to obtain sensitive information. Multiple denial-of-service vulnerabilities. 2. An information-disclosure vulnerability. 3. An out-of-bounds memory-access vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


    Mandriva Linux Security Advisory MDVSA-2013:132 http://www.mandriva.com/en/support/security/


    Package : tor Date : April 10, 2013 Affected: Business Server 1.0


    Problem Description:

    Updated tor package fixes security vulnerabilities:

    Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had selected (CVE-2011-2768).

    Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE and CREATE_FAST values in the Command field of a cell within an OR connection that it initiated, which allows remote relays to enumerate bridges by using these values (CVE-2011-2769).

    Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests (CVE-2012-3517).

    The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document (CVE-2012-3518).

    The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison (CVE-2012-4419).

    Tor before 0.2.2.39, when waiting for a client to renegotiate, allowed it to add bytes to the input buffer, allowing a crash to be caused remotely (tor-5934, tor-6007).

    Denial of Service vulnerability in Tor before 0.2.3.25, due to an error when handling SENDME cells and can be exploited to cause excessive consumption of memory resources within an entry node (SA51329, CVE-2012-5573).

    The version of Tor shipped in MBS1 did not have correctly formed systemd unit and thus failed to start.

    This updated version corrects this problem and restores working behaviour.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2768 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2769 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3517 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3518 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3519 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5573 https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0184 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0276 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0356


    Updated Packages:

    Mandriva Business Server 1/X86_64: 8cadc920e4452cd2a3551a3cb01d9fcf mbs1/x86_64/tor-0.2.2.39-1.mbs1.x86_64.rpm 7cbba7170bc4f9e6ee8409398437570c mbs1/SRPMS/tor-0.2.2.39-1.mbs1.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/en/support/security/advisories/

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)

    iD8DBQFRZVsDmqjQ0CJFipgRAm9IAJ9tYUVrI7u2V+7yJGNLn2OVMdOzcACgyrhf PUIroe88x4NDpj7AUyd2YP8= =x4YG -----END PGP SIGNATURE-----

    . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201301-03


                                            http://security.gentoo.org/
    

    Severity: Normal Title: Tor: Multiple vulnerabilities Date: January 08, 2013 Bugs: #432188, #434882, #444804 ID: 201301-03


    Synopsis

    Multiple vulnerabilities have been found in Tor, allowing attackers to cause Denial of Service or obtain sensitive information. Please review the CVE identifiers referenced below for details.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Tor users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.3.25"

    References

    [ 1 ] CVE-2012-3517 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3517 [ 2 ] CVE-2012-3518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3518 [ 3 ] CVE-2012-3519 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3519 [ 4 ] CVE-2012-4419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4419 [ 5 ] CVE-2012-4922 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4922 [ 6 ] CVE-2012-5573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5573

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201301-03.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 .

    CVE-2012-3518

    Avoid an uninitialised memory read when reading a vote or consensus document that has an unrecognized flavour name.

    CVE-2012-3519

    Try to leak less information about what relays a client is choosing to a side-channel attacker. This fixes a potential DoS issue [tor-5934, tor-6007].

    For the stable distribution (squeeze), these problems have been fixed in version 0.2.2.39-1.

    For the unstable distribution, these problems have been fixed in version 0.2.3.22-rc-1.

    We recommend that you upgrade your tor packages. ----------------------------------------------------------------------

    The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


    TITLE: Debian update for tor

    SECUNIA ADVISORY ID: SA50583

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50583/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50583

    RELEASE DATE: 2012-09-14

    DISCUSS ADVISORY: http://secunia.com/advisories/50583/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/50583/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=50583

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: Debian has issued an update for tor.

    ORIGINAL ADVISORY: DSA-2548-1: http://www.debian.org/security/2012/dsa-2548

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201208-0159",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.2.37"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "tor",
            "version": "0.2.2.37"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.38"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.x"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.225"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.224"
          },
          {
            "model": ".21-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".20-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".19-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".18-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".17-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".16-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".15-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": ".14-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2.34"
          },
          {
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1x8664"
          },
          {
            "model": "business server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "1"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.2.38"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4471"
          },
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003895"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-382"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3519"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003895"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Arma, Asn, and Nickm",
        "sources": [
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-382"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2012-3519",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2012-3519",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2012-3519",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2012-3519",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201208-382",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003895"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-382"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3519"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack. Tor (The Onion Router) is an implementation of the second generation of onion routing, which allows users to communicate anonymously over the Internet. Tor has a remote vulnerability in its implementation. Attackers can exploit vulnerabilities to obtain sensitive information. Multiple denial-of-service vulnerabilities. \n2. An information-disclosure vulnerability. \n3. An out-of-bounds memory-access vulnerability. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory                         MDVSA-2013:132\n http://www.mandriva.com/en/support/security/\n _______________________________________________________________________\n\n Package : tor\n Date    : April 10, 2013\n Affected: Business Server 1.0\n _______________________________________________________________________\n\n Problem Description:\n\n Updated tor package fixes security vulnerabilities:\n \n Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS\n certificate chain as part of an outgoing OR connection, which allows\n remote relays to bypass intended anonymity properties by reading this\n chain and then determining the set of entry guards that the client\n or bridge had selected (CVE-2011-2768). \n \n Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE\n and CREATE_FAST values in the Command field of a cell within an OR\n connection that it initiated, which allows remote relays to enumerate\n bridges by using these values (CVE-2011-2769). \n \n Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might\n allow remote attackers to cause a denial of service (daemon crash)\n via vectors related to failed DNS requests (CVE-2012-3517). \n \n The networkstatus_parse_vote_from_string function in routerparse.c\n in Tor before 0.2.2.38 does not properly handle an invalid flavor\n name, which allows remote attackers to cause a denial of service\n (out-of-bounds read and daemon crash) via a crafted (1) vote document\n or (2) consensus document (CVE-2012-3518). \n \n The compare_tor_addr_to_addr_policy function in or/policies.c in\n Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote\n attackers to cause a denial of service (assertion failure and daemon\n exit) via a zero-valued port field that is not properly handled during\n policy comparison (CVE-2012-4419). \n \n Tor before 0.2.2.39, when waiting for a client to renegotiate, allowed\n it to add bytes to the input buffer, allowing a crash to be caused\n remotely (tor-5934, tor-6007). \n \n Denial of Service vulnerability in Tor before 0.2.3.25, due to an\n error when handling SENDME cells and can be exploited to cause\n excessive consumption of memory resources within an entry node\n (SA51329, CVE-2012-5573). \n \n The version of Tor shipped in MBS1 did not have correctly formed\n systemd unit and thus failed to start. \n \n This updated version corrects this problem and restores working\n behaviour. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2768\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2769\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3517\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3518\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3519\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4419\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5573\n https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0184\n https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0276\n https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0356\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 8cadc920e4452cd2a3551a3cb01d9fcf  mbs1/x86_64/tor-0.2.2.39-1.mbs1.x86_64.rpm \n 7cbba7170bc4f9e6ee8409398437570c  mbs1/SRPMS/tor-0.2.2.39-1.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFRZVsDmqjQ0CJFipgRAm9IAJ9tYUVrI7u2V+7yJGNLn2OVMdOzcACgyrhf\nPUIroe88x4NDpj7AUyd2YP8=\n=x4YG\n-----END PGP SIGNATURE-----\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201301-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Tor: Multiple vulnerabilities\n     Date: January 08, 2013\n     Bugs: #432188, #434882, #444804\n       ID: 201301-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Tor, allowing attackers to\ncause Denial of Service or obtain sensitive information. Please review the\nCVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Tor users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-misc/tor-0.2.3.25\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-3517\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3517\n[ 2 ] CVE-2012-3518\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3518\n[ 3 ] CVE-2012-3519\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3519\n[ 4 ] CVE-2012-4419\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4419\n[ 5 ] CVE-2012-4922\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4922\n[ 6 ] CVE-2012-5573\n      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5573\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201301-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\nCVE-2012-3518\n\n  Avoid an uninitialised memory read when reading a vote or consensus\n  document that has an unrecognized flavour name. \n\nCVE-2012-3519\n\n  Try to leak less information about what relays a client is choosing to\n  a side-channel attacker. This fixes a potential DoS issue\n  [tor-5934, tor-6007]. \n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 0.2.2.39-1. \n\nFor the unstable distribution, these problems have been fixed in version\n0.2.3.22-rc-1. \n\nWe recommend that you upgrade your tor packages. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nDebian update for tor\n\nSECUNIA ADVISORY ID:\nSA50583\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50583/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50583\n\nRELEASE DATE:\n2012-09-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50583/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50583/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50583\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nDebian has issued an update for tor. \n\nORIGINAL ADVISORY:\nDSA-2548-1:\nhttp://www.debian.org/security/2012/dsa-2548\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-3519"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003895"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4471"
          },
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "119351"
          },
          {
            "db": "PACKETSTORM",
            "id": "116520"
          },
          {
            "db": "PACKETSTORM",
            "id": "116554"
          }
        ],
        "trust": 2.79
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-3519",
            "trust": 3.6
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2012/08/21/6",
            "trust": 1.6
          },
          {
            "db": "BID",
            "id": "55128",
            "trust": 1.5
          },
          {
            "db": "SECUNIA",
            "id": "50583",
            "trust": 1.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003895",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4471",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "20408",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OSS-SECURITY] 20120821 RE: CVE REQUEST -- TOR 0.2.2.38: THREE ISSUES",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[TOR-ANNOUNCE] 20120819 TOR 0.2.2.38 IS RELEASED",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-382",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "121258",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "119351",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "116520",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "116554",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4471"
          },
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003895"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "119351"
          },
          {
            "db": "PACKETSTORM",
            "id": "116520"
          },
          {
            "db": "PACKETSTORM",
            "id": "116554"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-382"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3519"
          }
        ]
      },
      "id": "VAR-201208-0159",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4471"
          }
        ],
        "trust": 1.00865386
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4471"
          }
        ]
      },
      "last_update_date": "2025-04-11T22:49:24.065000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "openSUSE-SU-2012:1068",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
          },
          {
            "title": "Tor 0.2.2.38 is released",
            "trust": 0.8,
            "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
          },
          {
            "title": "tor.git / commit - Try to clarify impact of bug 6537",
            "trust": 0.8,
            "url": "https://gitweb.torproject.org/tor.git/commit/d48cebc5e498b0ae673635f40fc57cdddab45d5b"
          },
          {
            "title": "tor.git / commit - Mitigate a side-channel leak of which relays Tor chooses for a circuit",
            "trust": 0.8,
            "url": "https://gitweb.torproject.org/tor.git/commit/308f6dad20675c42b29862f4269ad1fbfb00dc9a"
          },
          {
            "title": "Ticket #6537",
            "trust": 0.8,
            "url": "https://trac.torproject.org/projects/tor/ticket/6537"
          },
          {
            "title": "Tor information disclosure vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/20695"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4471"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003895"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003895"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3519"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://trac.torproject.org/projects/tor/ticket/6537"
          },
          {
            "trust": 1.6,
            "url": "https://lists.torproject.org/pipermail/tor-announce/2012-august/000086.html"
          },
          {
            "trust": 1.6,
            "url": "https://gitweb.torproject.org/tor.git/commit/d48cebc5e498b0ae673635f40fc57cdddab45d5b"
          },
          {
            "trust": 1.6,
            "url": "https://gitweb.torproject.org/tor.git/commit/308f6dad20675c42b29862f4269ad1fbfb00dc9a"
          },
          {
            "trust": 1.6,
            "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/bid/55128"
          },
          {
            "trust": 1.1,
            "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/50583"
          },
          {
            "trust": 1.0,
            "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3519"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3519"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/20408"
          },
          {
            "trust": 0.3,
            "url": "http://marc.info/?l=oss-security\u0026m=134555757608675\u0026w=2"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3519"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4419"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3518"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3517"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5573"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2769"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3518"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2768"
          },
          {
            "trust": 0.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgasa-2012-0276"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/"
          },
          {
            "trust": 0.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgaa-2012-0184"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/advisories/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2768"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5573"
          },
          {
            "trust": 0.1,
            "url": "https://wiki.mageia.org/en/support/advisories/mgasa-2012-0356"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2769"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4419"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3517"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4922"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3517"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5573"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3519"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4922"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3518"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4419"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50583"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/50583/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/50583/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/blog/325/"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/2012/dsa-2548"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4471"
          },
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003895"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "119351"
          },
          {
            "db": "PACKETSTORM",
            "id": "116520"
          },
          {
            "db": "PACKETSTORM",
            "id": "116554"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-382"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3519"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4471"
          },
          {
            "db": "BID",
            "id": "55128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003895"
          },
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "PACKETSTORM",
            "id": "119351"
          },
          {
            "db": "PACKETSTORM",
            "id": "116520"
          },
          {
            "db": "PACKETSTORM",
            "id": "116554"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-382"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-3519"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-08-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-4471"
          },
          {
            "date": "2012-08-21T00:00:00",
            "db": "BID",
            "id": "55128"
          },
          {
            "date": "2012-08-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003895"
          },
          {
            "date": "2013-04-11T02:39:54",
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "date": "2013-01-09T02:25:38",
            "db": "PACKETSTORM",
            "id": "119351"
          },
          {
            "date": "2012-09-14T01:52:39",
            "db": "PACKETSTORM",
            "id": "116520"
          },
          {
            "date": "2012-09-14T04:04:24",
            "db": "PACKETSTORM",
            "id": "116554"
          },
          {
            "date": "2012-08-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201208-382"
          },
          {
            "date": "2012-08-26T03:17:44.153000",
            "db": "NVD",
            "id": "CVE-2012-3519"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-08-28T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-4471"
          },
          {
            "date": "2015-04-13T21:39:00",
            "db": "BID",
            "id": "55128"
          },
          {
            "date": "2012-10-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003895"
          },
          {
            "date": "2012-08-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201208-382"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2012-3519"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "121258"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-382"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor of  routerlist.c Vulnerability in which important information is obtained",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003895"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-382"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201401-0517

    Vulnerability from variot - Updated: 2025-04-11 21:06

    Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1) relay identity keys and (2) hidden-service identity keys, which might make it easier for remote attackers to bypass cryptographic protection mechanisms via unspecified vectors. Tor (The Onion Router) is an implementation of the second generation onion routing, which is mainly used to access the Internet anonymously. There are security holes in Tor. An attacker could use this vulnerability to bypass security restrictions. There are vulnerabilities in Tor 0.2.4.19. Other versions may also be affected. This may aid in further attacks.

    Update to version 0.2.4.22 solves these major and security problems:

    • Block authority signing keys that were used on authorities vulnerable to the heartbleed bug in OpenSSL (CVE-2014-0160).

    • Fix a memory leak that could occur if a microdescriptor parse fails during the tokenizing step.

    • The relay ciphersuite list is now generated automatically based on uniform criteria, and includes all OpenSSL ciphersuites with acceptable strength and forward secrecy.

    • Relays now trust themselves to have a better view than clients of which TLS ciphersuites are better than others.

    • Clients now try to advertise the same list of ciphersuites as Firefox 28.

    For other changes see the upstream change log


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://advisories.mageia.org/MGASA-2014-0059.html http://advisories.mageia.org/MGASA-2014-0256.html


    Updated Packages:

    Mandriva Business Server 1/X86_64: 77035fd2ff3c6df5effbaf9ee78bdaf4 mbs1/x86_64/tor-0.2.4.22-1.mbs1.x86_64.rpm cccaec1a8425ebfce0bb7d8057d38d6e mbs1/SRPMS/tor-0.2.4.22-1.mbs1.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/en/support/security/advisories/

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)

    iD8DBQFTmDAPmqjQ0CJFipgRAqq4AJ9ZIEn/fqUynENotuSA2kTLnKwpJgCgkh59 ssWQCdn4l3H2KyxX+IQBsxw= =fSis -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201401-0517",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.2.4.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.2.4.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.2.4.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.2.4.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.2.4.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.2.4.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.2.4.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.2.4.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.2.4.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "torproject",
            "version": "0.2.4.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.4.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.4.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.4.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.4.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.4.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.4.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.4.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.4.12"
          },
          {
            "model": "tor",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "torproject",
            "version": "0.2.4.19"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.4.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.4.19"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00091"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005865"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-371"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-7295"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:torproject:tor",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005865"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Unknown",
        "sources": [
          {
            "db": "BID",
            "id": "64651"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2013-7295",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 4.9,
                "id": "CVE-2013-7295",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2014-00091",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2013-7295",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2013-7295",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-00091",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201401-371",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00091"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005865"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-371"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-7295"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1) relay identity keys and (2) hidden-service identity keys, which might make it easier for remote attackers to bypass cryptographic protection mechanisms via unspecified vectors. Tor (The Onion Router) is an implementation of the second generation onion routing, which is mainly used to access the Internet anonymously. \nThere are security holes in Tor. An attacker could use this vulnerability to bypass security restrictions. There are vulnerabilities in Tor 0.2.4.19. Other versions may also be affected. This may aid in further attacks. \n \n Update to version 0.2.4.22 solves these major and security problems:\n \n - Block authority signing keys that were used on authorities vulnerable\n to the heartbleed bug in OpenSSL (CVE-2014-0160). \n \n - Fix a memory leak that could occur if a microdescriptor parse fails\n during the tokenizing step. \n \n - The relay ciphersuite list is now generated automatically based on\n uniform criteria, and includes all OpenSSL ciphersuites with acceptable\n strength and forward secrecy. \n \n - Relays now trust themselves to have a better view than clients of\n which TLS ciphersuites are better than others. \n \n - Clients now try to advertise the same list of ciphersuites as\n Firefox 28. \n \n For other changes see the upstream change log\n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n http://advisories.mageia.org/MGASA-2014-0059.html\n http://advisories.mageia.org/MGASA-2014-0256.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 77035fd2ff3c6df5effbaf9ee78bdaf4  mbs1/x86_64/tor-0.2.4.22-1.mbs1.x86_64.rpm \n cccaec1a8425ebfce0bb7d8057d38d6e  mbs1/SRPMS/tor-0.2.4.22-1.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFTmDAPmqjQ0CJFipgRAqq4AJ9ZIEn/fqUynENotuSA2kTLnKwpJgCgkh59\nssWQCdn4l3H2KyxX+IQBsxw=\n=fSis\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-7295"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005865"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00091"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-078"
          },
          {
            "db": "BID",
            "id": "64651"
          },
          {
            "db": "PACKETSTORM",
            "id": "127069"
          }
        ],
        "trust": 3.06
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-7295",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "64651",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005865",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00091",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-078",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[TOR-TALK] 20131223 TOR 0.2.4.20 IS RELEASED",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-371",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "127069",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00091"
          },
          {
            "db": "BID",
            "id": "64651"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005865"
          },
          {
            "db": "PACKETSTORM",
            "id": "127069"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-078"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-371"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-7295"
          }
        ]
      },
      "id": "VAR-201401-0517",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00091"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00091"
          }
        ]
      },
      "last_update_date": "2025-04-11T21:06:16.132000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "[tor-talk] Tor 0.2.4.20 is released",
            "trust": 0.8,
            "url": "https://lists.torproject.org/pipermail/tor-talk/2013-December/031483.html"
          },
          {
            "title": "Tor random number generation vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/42181"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00091"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005865"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-310",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005865"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-7295"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.9,
            "url": "https://lists.torproject.org/pipermail/tor-talk/2013-december/031483.html"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/bid/64651"
          },
          {
            "trust": 1.0,
            "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00095.html"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-7295"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-7295"
          },
          {
            "trust": 0.3,
            "url": "https://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-7295"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://advisories.mageia.org/mgasa-2014-0059.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
          },
          {
            "trust": 0.1,
            "url": "http://advisories.mageia.org/mgasa-2014-0256.html"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00091"
          },
          {
            "db": "BID",
            "id": "64651"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005865"
          },
          {
            "db": "PACKETSTORM",
            "id": "127069"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-078"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-371"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-7295"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-00091"
          },
          {
            "db": "BID",
            "id": "64651"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005865"
          },
          {
            "db": "PACKETSTORM",
            "id": "127069"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-078"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-371"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-7295"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-08T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00091"
          },
          {
            "date": "2013-12-23T00:00:00",
            "db": "BID",
            "id": "64651"
          },
          {
            "date": "2014-01-23T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-005865"
          },
          {
            "date": "2014-06-12T13:43:49",
            "db": "PACKETSTORM",
            "id": "127069"
          },
          {
            "date": "2013-12-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201401-078"
          },
          {
            "date": "2014-01-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201401-371"
          },
          {
            "date": "2014-01-17T21:55:14.613000",
            "db": "NVD",
            "id": "CVE-2013-7295"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-08T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00091"
          },
          {
            "date": "2014-06-11T19:35:00",
            "db": "BID",
            "id": "64651"
          },
          {
            "date": "2014-01-23T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-005865"
          },
          {
            "date": "2014-01-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201401-078"
          },
          {
            "date": "2014-01-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201401-371"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2013-7295"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "BID",
            "id": "64651"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-078"
          }
        ],
        "trust": 0.9
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor Vulnerability bypasses cryptographic protection mechanisms",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-005865"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "encryption problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-371"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201001-0281

    Vulnerability from variot - Updated: 2021-12-17 08:08

    Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated identity keys for certain directory authorities, which makes it easier for man-in-the-middle attackers to compromise the anonymity of traffic sources and destinations. Tor (The Onion Router) is an implementation of the second generation of onion routing software, through which users can communicate anonymously over the Internet. If the user submits a specially made query request to the bridge official directory, the directory authority will reveal all the tracked bridge identities in the response of dbg-stability.txt, which is an information disclosure. Tor is prone to a remote information-disclosure vulnerability. Exploits will allow attackers to obtain sensitive information that can help them launch further attacks. NOTE: Since certain Tor infrastructures were compromised, new version 3 identity keys have been issued. Versions prior to Tor 0.2.1.22 are vulnerable

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201001-0281",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1_alpha-cvs"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.7-alpha"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.x"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.x"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.214"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.123"
          },
          {
            "model": ".5-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".4-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".3-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".2-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".1-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.118"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "alpha-cvs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.22"
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0383"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "db": "BID",
            "id": "37901"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.14:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.21:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.14:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.8_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.4_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.10_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.7:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.2.6:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre27:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre22:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre23:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.25:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.6_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.1_alpha-cvs:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.26:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.21:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.14:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.30:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.2.3:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.2.7:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre26:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre25:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre24:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre14:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.9_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.5_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.1_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.22:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.23:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.14:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.5:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.2.5:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.2.4:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.8.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.7.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre21:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.7_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.3_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.2_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.2.1:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.2.2:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0383"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Roger Dingledine",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2010-0383",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2010-0383",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.8,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2010-5332",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2010-0383",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201001-253",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2010-5332",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0383"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated identity keys for certain directory authorities, which makes it easier for man-in-the-middle attackers to compromise the anonymity of traffic sources and destinations. Tor (The Onion Router) is an implementation of the second generation of onion routing software, through which users can communicate anonymously over the Internet. If the user submits a specially made query request to the bridge official directory, the directory authority will reveal all the tracked bridge identities in the response of dbg-stability.txt, which is an information disclosure. Tor is prone to a remote information-disclosure vulnerability. \nExploits will allow attackers to obtain sensitive information that can help them launch further attacks. \nNOTE:  Since certain Tor infrastructures were compromised, new version 3 identity keys have been issued. \nVersions prior to Tor 0.2.1.22 are vulnerable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0383"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "db": "BID",
            "id": "37901"
          }
        ],
        "trust": 2.43
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2010-0383",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "37901",
            "trust": 2.5
          },
          {
            "db": "OSVDB",
            "id": "61977",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "38198",
            "trust": 1.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250",
            "trust": 0.8
          },
          {
            "db": "MLIST",
            "id": "[OR-TALK] 20100120 TOR PROJECT INFRASTRUCTURE UPDATES IN RESPONSE TO SECURITY BREACH",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-TALK] 20100120 RE: TOR PROJECT INFRASTRUCTURE UPDATES IN RESPONSE TO SECURITY BREACH",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-TALK] 20100120 TOR 0.2.2.7-ALPHA IS OUT",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-ANNOUNCE] 20100121 TOR 0.2.1.22 IS RELEASED (SECURITY FIX)",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "14397",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253",
            "trust": 0.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0383"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "db": "BID",
            "id": "37901"
          }
        ]
      },
      "id": "VAR-201001-0281",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          }
        ]
      },
      "last_update_date": "2021-12-17T08:08:14.210000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.torproject.org/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0383"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "http://www.securityfocus.com/bid/37901"
          },
          {
            "trust": 1.9,
            "url": "http://archives.seul.org/or/talk/jan-2010/msg00161.html"
          },
          {
            "trust": 1.6,
            "url": "http://archives.seul.org/or/talk/jan-2010/msg00165.html"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/38198"
          },
          {
            "trust": 1.6,
            "url": "http://archives.seul.org/or/announce/jan-2010/msg00000.html"
          },
          {
            "trust": 1.6,
            "url": "http://archives.seul.org/or/talk/jan-2010/msg00162.html"
          },
          {
            "trust": 1.6,
            "url": "http://osvdb.org/61977"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0383"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0383"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/14397"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0383"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "db": "BID",
            "id": "37901"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2010-0383"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "db": "BID",
            "id": "37901"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2010-01-25T19:30:00",
            "db": "NVD",
            "id": "CVE-2010-0383"
          },
          {
            "date": "2010-01-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          },
          {
            "date": "2010-01-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "date": "2012-12-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "date": "2010-01-21T00:00:00",
            "db": "BID",
            "id": "37901"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2010-02-05T07:13:00",
            "db": "NVD",
            "id": "CVE-2010-0383"
          },
          {
            "date": "2010-01-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          },
          {
            "date": "2010-01-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          },
          {
            "date": "2012-12-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-005250"
          },
          {
            "date": "2015-04-13T21:03:00",
            "db": "BID",
            "id": "37901"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor Official Directory Query Request Information Disclosure Vulnerability",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5332"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-253"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201001-0283

    Vulnerability from variot - Updated: 2021-12-17 08:08

    Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functioning as a bridge directory authority, allows remote attackers to obtain sensitive information about bridge identities and bridge descriptors via a dbg-stability.txt directory query. Tor (The Onion Router) is an implementation of the second generation of onion routing, through which users can communicate anonymously over the Internet. Tor is prone to a remote information-disclosure vulnerability. Exploits will allow attackers to obtain sensitive information that can help them launch further attacks. NOTE: Since certain Tor infrastructures were compromised, new version 3 identity keys have been issued. Versions prior to Tor 0.2.1.22 are vulnerable

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201001-0283",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.1.2.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tor",
            "version": "0.2.2.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.2.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.1.0.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "tor",
            "version": "0.0.9.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.12"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.17"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.6_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.25"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.1_alpha-cvs"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre24"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.11"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.3_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.22"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.7"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.23"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.13"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.4"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.16"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.19"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.30"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.6"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.2.14"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.15"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.8"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.7_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.3"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.7.2"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.5"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.26"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.2_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.0.2_pre27"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.10"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.9"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.18"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.0.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.2.1.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tor",
            "version": "0.1.1.5_alpha"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.7-alpha"
          },
          {
            "model": "tor",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the tor",
            "version": "0.2.2.x"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tor",
            "version": "0.2.x"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.35"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.34"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.33"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.32"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.31"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.214"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.123"
          },
          {
            "model": ".5-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".4-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".3-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".2-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": ".1-alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.1"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.118"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.21"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.20"
          },
          {
            "model": "tor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.2.15"
          },
          {
            "model": "alpha-cvs",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.1.2.1"
          },
          {
            "model": "tor",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tor",
            "version": "0.2.1.22"
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "db": "BID",
            "id": "37901"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.14:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.21:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.8.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre25:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.14:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.7_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.4_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.14:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.2.6:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre27:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre21:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre23:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.25:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre14:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.6_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.9_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.2_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.21:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.23:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.14:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.30:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.2.7:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.2.4:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.1.1.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.7.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre26:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.9.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre22:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre24:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.1_alpha-cvs:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.26:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.5_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.22:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.2.3:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.2.5:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.0.2_pre20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.8_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.3_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.1_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.0.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.10_alpha:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.5:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.7:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.1.2.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.2.1:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:tor:tor:0.2.2.2:alpha:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0385"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Roger Dingledine",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2010-0385",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2010-0385",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.8,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2010-5331",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2010-0385",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201001-255",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2010-5331",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functioning as a bridge directory authority, allows remote attackers to obtain sensitive information about bridge identities and bridge descriptors via a dbg-stability.txt directory query. Tor (The Onion Router) is an implementation of the second generation of onion routing, through which users can communicate anonymously over the Internet. Tor is prone to a remote information-disclosure vulnerability. \nExploits will allow attackers to obtain sensitive information that can help them launch further attacks. \nNOTE:  Since certain Tor infrastructures were compromised, new version 3 identity keys have been issued. \nVersions prior to Tor 0.2.1.22 are vulnerable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0385"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "db": "BID",
            "id": "37901"
          }
        ],
        "trust": 2.43
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2010-0385",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "37901",
            "trust": 2.5
          },
          {
            "db": "OSVDB",
            "id": "61865",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "38198",
            "trust": 1.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252",
            "trust": 0.8
          },
          {
            "db": "NSFOCUS",
            "id": "14397",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-TALK] 20100120 TOR 0.2.2.7-ALPHA IS OUT",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OR-ANNOUNCE] 20100121 TOR 0.2.1.22 IS RELEASED (SECURITY FIX)",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255",
            "trust": 0.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "db": "BID",
            "id": "37901"
          }
        ]
      },
      "id": "VAR-201001-0283",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          }
        ]
      },
      "last_update_date": "2021-12-17T08:08:14.005000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.torproject.org/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0385"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "http://www.securityfocus.com/bid/37901"
          },
          {
            "trust": 1.6,
            "url": "http://archives.seul.org/or/talk/jan-2010/msg00162.html"
          },
          {
            "trust": 1.6,
            "url": "http://www.osvdb.org/61865"
          },
          {
            "trust": 1.6,
            "url": "http://archives.seul.org/or/announce/jan-2010/msg00000.html"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/38198"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0385"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0385"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/14397"
          },
          {
            "trust": 0.3,
            "url": "http://www.torproject.org/index.html.en"
          },
          {
            "trust": 0.3,
            "url": "http://archives.seul.org/or/talk/jan-2010/msg00161.html"
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "db": "BID",
            "id": "37901"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2010-0385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "db": "BID",
            "id": "37901"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2010-01-25T19:30:00",
            "db": "NVD",
            "id": "CVE-2010-0385"
          },
          {
            "date": "2010-01-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          },
          {
            "date": "2010-01-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "date": "2012-12-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "date": "2010-01-21T00:00:00",
            "db": "BID",
            "id": "37901"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2010-01-26T05:00:00",
            "db": "NVD",
            "id": "CVE-2010-0385"
          },
          {
            "date": "2010-01-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          },
          {
            "date": "2010-01-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          },
          {
            "date": "2012-12-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-005252"
          },
          {
            "date": "2015-04-13T21:03:00",
            "db": "BID",
            "id": "37901"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tor Official Directory Query Request Sensitive Information Disclosure Vulnerability",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2010-5331"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-255"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2012-3519 (GCVE-0-2012-3519)

    Vulnerability from nvd – Published: 2012-08-26 01:00 – Updated: 2024-08-06 20:05
    VLAI
    Summary
    routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2012-08-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:05:12.746Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-201301-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitweb.torproject.org/tor.git/commit/308f6dad20675c42b29862f4269ad1fbfb00dc9a"
              },
              {
                "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
              },
              {
                "name": "50583",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50583"
              },
              {
                "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://trac.torproject.org/projects/tor/ticket/6537"
              },
              {
                "name": "openSUSE-SU-2012:1068",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitweb.torproject.org/tor.git/commit/d48cebc5e498b0ae673635f40fc57cdddab45d5b"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-08-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-10-11T09:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "GLSA-201301-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitweb.torproject.org/tor.git/commit/308f6dad20675c42b29862f4269ad1fbfb00dc9a"
            },
            {
              "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
            },
            {
              "name": "50583",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50583"
            },
            {
              "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://trac.torproject.org/projects/tor/ticket/6537"
            },
            {
              "name": "openSUSE-SU-2012:1068",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitweb.torproject.org/tor.git/commit/d48cebc5e498b0ae673635f40fc57cdddab45d5b"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-3519",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "GLSA-201301-03",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
                },
                {
                  "name": "https://gitweb.torproject.org/tor.git/commit/308f6dad20675c42b29862f4269ad1fbfb00dc9a",
                  "refsource": "CONFIRM",
                  "url": "https://gitweb.torproject.org/tor.git/commit/308f6dad20675c42b29862f4269ad1fbfb00dc9a"
                },
                {
                  "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
                  "refsource": "MLIST",
                  "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
                },
                {
                  "name": "50583",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/50583"
                },
                {
                  "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
                  "refsource": "MLIST",
                  "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
                },
                {
                  "name": "https://trac.torproject.org/projects/tor/ticket/6537",
                  "refsource": "CONFIRM",
                  "url": "https://trac.torproject.org/projects/tor/ticket/6537"
                },
                {
                  "name": "openSUSE-SU-2012:1068",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
                },
                {
                  "name": "https://gitweb.torproject.org/tor.git/commit/d48cebc5e498b0ae673635f40fc57cdddab45d5b",
                  "refsource": "CONFIRM",
                  "url": "https://gitweb.torproject.org/tor.git/commit/d48cebc5e498b0ae673635f40fc57cdddab45d5b"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-3519",
        "datePublished": "2012-08-26T01:00:00.000Z",
        "dateReserved": "2012-06-14T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:05:12.746Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-3518 (GCVE-0-2012-3518)

    Vulnerability from nvd – Published: 2012-08-26 01:00 – Updated: 2024-08-06 20:05
    VLAI
    Summary
    The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2012-08-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:05:12.799Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-201301-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
              },
              {
                "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
              },
              {
                "name": "50583",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50583"
              },
              {
                "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitweb.torproject.org/tor.git/commit/55f635745afacefffdaafc72cc176ca7ab817546"
              },
              {
                "name": "openSUSE-SU-2012:1068",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://trac.torproject.org/projects/tor/ticket/6530"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitweb.torproject.org/tor.git/commit/57e35ad3d91724882c345ac709666a551a977f0f"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-08-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-10-11T09:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "GLSA-201301-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
            },
            {
              "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
            },
            {
              "name": "50583",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50583"
            },
            {
              "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitweb.torproject.org/tor.git/commit/55f635745afacefffdaafc72cc176ca7ab817546"
            },
            {
              "name": "openSUSE-SU-2012:1068",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://trac.torproject.org/projects/tor/ticket/6530"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitweb.torproject.org/tor.git/commit/57e35ad3d91724882c345ac709666a551a977f0f"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-3518",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "GLSA-201301-03",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
                },
                {
                  "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
                  "refsource": "MLIST",
                  "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
                },
                {
                  "name": "50583",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/50583"
                },
                {
                  "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
                  "refsource": "MLIST",
                  "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
                },
                {
                  "name": "https://gitweb.torproject.org/tor.git/commit/55f635745afacefffdaafc72cc176ca7ab817546",
                  "refsource": "CONFIRM",
                  "url": "https://gitweb.torproject.org/tor.git/commit/55f635745afacefffdaafc72cc176ca7ab817546"
                },
                {
                  "name": "openSUSE-SU-2012:1068",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
                },
                {
                  "name": "https://trac.torproject.org/projects/tor/ticket/6530",
                  "refsource": "CONFIRM",
                  "url": "https://trac.torproject.org/projects/tor/ticket/6530"
                },
                {
                  "name": "https://gitweb.torproject.org/tor.git/commit/57e35ad3d91724882c345ac709666a551a977f0f",
                  "refsource": "CONFIRM",
                  "url": "https://gitweb.torproject.org/tor.git/commit/57e35ad3d91724882c345ac709666a551a977f0f"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-3518",
        "datePublished": "2012-08-26T01:00:00.000Z",
        "dateReserved": "2012-06-14T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:05:12.799Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-3517 (GCVE-0-2012-3517)

    Vulnerability from nvd – Published: 2012-08-26 01:00 – Updated: 2024-08-06 20:05
    VLAI
    Summary
    Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-08-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:05:12.774Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-201301-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=849949"
              },
              {
                "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitweb.torproject.org/tor.git/commit/62637fa22405278758febb1743da9af562524d4c"
              },
              {
                "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
              },
              {
                "name": "openSUSE-SU-2012:1068",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://trac.torproject.org/projects/tor/ticket/6480"
              },
              {
                "name": "FEDORA-2012-14638",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088006.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-08-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-10-11T09:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "GLSA-201301-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=849949"
            },
            {
              "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitweb.torproject.org/tor.git/commit/62637fa22405278758febb1743da9af562524d4c"
            },
            {
              "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
            },
            {
              "name": "openSUSE-SU-2012:1068",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://trac.torproject.org/projects/tor/ticket/6480"
            },
            {
              "name": "FEDORA-2012-14638",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088006.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-3517",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "GLSA-201301-03",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=849949",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=849949"
                },
                {
                  "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
                  "refsource": "MLIST",
                  "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
                },
                {
                  "name": "https://gitweb.torproject.org/tor.git/commit/62637fa22405278758febb1743da9af562524d4c",
                  "refsource": "CONFIRM",
                  "url": "https://gitweb.torproject.org/tor.git/commit/62637fa22405278758febb1743da9af562524d4c"
                },
                {
                  "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
                  "refsource": "MLIST",
                  "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
                },
                {
                  "name": "openSUSE-SU-2012:1068",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
                },
                {
                  "name": "https://trac.torproject.org/projects/tor/ticket/6480",
                  "refsource": "CONFIRM",
                  "url": "https://trac.torproject.org/projects/tor/ticket/6480"
                },
                {
                  "name": "FEDORA-2012-14638",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088006.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-3517",
        "datePublished": "2012-08-26T01:00:00.000Z",
        "dateReserved": "2012-06-14T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:05:12.774Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4897 (GCVE-0-2011-4897)

    Vulnerability from nvd – Published: 2011-12-23 02:00 – Updated: 2024-09-16 16:53
    VLAI
    Summary
    Tor before 0.2.2.25-alpha, when configured as a relay without the Nickname configuration option, uses the local hostname as the Nickname value, which allows remote attackers to obtain potentially sensitive information by reading this value.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:16:35.184Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://blog.torproject.org/blog/tor-02225-alpha-out"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tor before 0.2.2.25-alpha, when configured as a relay without the Nickname configuration option, uses the local hostname as the Nickname value, which allows remote attackers to obtain potentially sensitive information by reading this value."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-12-23T02:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://blog.torproject.org/blog/tor-02225-alpha-out"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-4897",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Tor before 0.2.2.25-alpha, when configured as a relay without the Nickname configuration option, uses the local hostname as the Nickname value, which allows remote attackers to obtain potentially sensitive information by reading this value."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.torproject.org/blog/tor-02225-alpha-out",
                  "refsource": "CONFIRM",
                  "url": "https://blog.torproject.org/blog/tor-02225-alpha-out"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-4897",
        "datePublished": "2011-12-23T02:00:00.000Z",
        "dateReserved": "2011-12-22T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:53:14.667Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4896 (GCVE-0-2011-4896)

    Vulnerability from nvd – Published: 2011-12-23 02:00 – Updated: 2024-09-16 18:28
    VLAI
    Summary
    Tor before 0.2.2.24-alpha continues to use a reachable bridge that was previously configured but is not currently configured, which might allow remote attackers to obtain sensitive information about clients in opportunistic circumstances by monitoring network traffic to the bridge port.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:16:35.183Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://blog.torproject.org/blog/tor-02224-alpha-out"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Tor before 0.2.2.24-alpha continues to use a reachable bridge that was previously configured but is not currently configured, which might allow remote attackers to obtain sensitive information about clients in opportunistic circumstances by monitoring network traffic to the bridge port."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-12-23T02:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://blog.torproject.org/blog/tor-02224-alpha-out"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-4896",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Tor before 0.2.2.24-alpha continues to use a reachable bridge that was previously configured but is not currently configured, which might allow remote attackers to obtain sensitive information about clients in opportunistic circumstances by monitoring network traffic to the bridge port."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.torproject.org/blog/tor-02224-alpha-out",
                  "refsource": "CONFIRM",
                  "url": "https://blog.torproject.org/blog/tor-02224-alpha-out"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-4896",
        "datePublished": "2011-12-23T02:00:00.000Z",
        "dateReserved": "2011-12-22T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:28:19.118Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-3517 (GCVE-0-2012-3517)

    Vulnerability from cvelistv5 – Published: 2012-08-26 01:00 – Updated: 2024-08-06 20:05
    VLAI
    Summary
    Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-08-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:05:12.774Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-201301-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=849949"
              },
              {
                "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitweb.torproject.org/tor.git/commit/62637fa22405278758febb1743da9af562524d4c"
              },
              {
                "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
              },
              {
                "name": "openSUSE-SU-2012:1068",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://trac.torproject.org/projects/tor/ticket/6480"
              },
              {
                "name": "FEDORA-2012-14638",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088006.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-08-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-10-11T09:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "GLSA-201301-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=849949"
            },
            {
              "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitweb.torproject.org/tor.git/commit/62637fa22405278758febb1743da9af562524d4c"
            },
            {
              "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
            },
            {
              "name": "openSUSE-SU-2012:1068",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://trac.torproject.org/projects/tor/ticket/6480"
            },
            {
              "name": "FEDORA-2012-14638",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088006.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-3517",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "GLSA-201301-03",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=849949",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=849949"
                },
                {
                  "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
                  "refsource": "MLIST",
                  "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
                },
                {
                  "name": "https://gitweb.torproject.org/tor.git/commit/62637fa22405278758febb1743da9af562524d4c",
                  "refsource": "CONFIRM",
                  "url": "https://gitweb.torproject.org/tor.git/commit/62637fa22405278758febb1743da9af562524d4c"
                },
                {
                  "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
                  "refsource": "MLIST",
                  "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
                },
                {
                  "name": "openSUSE-SU-2012:1068",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
                },
                {
                  "name": "https://trac.torproject.org/projects/tor/ticket/6480",
                  "refsource": "CONFIRM",
                  "url": "https://trac.torproject.org/projects/tor/ticket/6480"
                },
                {
                  "name": "FEDORA-2012-14638",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088006.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-3517",
        "datePublished": "2012-08-26T01:00:00.000Z",
        "dateReserved": "2012-06-14T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:05:12.774Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-3518 (GCVE-0-2012-3518)

    Vulnerability from cvelistv5 – Published: 2012-08-26 01:00 – Updated: 2024-08-06 20:05
    VLAI
    Summary
    The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2012-08-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:05:12.799Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-201301-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
              },
              {
                "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
              },
              {
                "name": "50583",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50583"
              },
              {
                "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitweb.torproject.org/tor.git/commit/55f635745afacefffdaafc72cc176ca7ab817546"
              },
              {
                "name": "openSUSE-SU-2012:1068",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://trac.torproject.org/projects/tor/ticket/6530"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitweb.torproject.org/tor.git/commit/57e35ad3d91724882c345ac709666a551a977f0f"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-08-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-10-11T09:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "GLSA-201301-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
            },
            {
              "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
            },
            {
              "name": "50583",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50583"
            },
            {
              "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitweb.torproject.org/tor.git/commit/55f635745afacefffdaafc72cc176ca7ab817546"
            },
            {
              "name": "openSUSE-SU-2012:1068",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://trac.torproject.org/projects/tor/ticket/6530"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitweb.torproject.org/tor.git/commit/57e35ad3d91724882c345ac709666a551a977f0f"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-3518",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "GLSA-201301-03",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
                },
                {
                  "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
                  "refsource": "MLIST",
                  "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
                },
                {
                  "name": "50583",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/50583"
                },
                {
                  "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
                  "refsource": "MLIST",
                  "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
                },
                {
                  "name": "https://gitweb.torproject.org/tor.git/commit/55f635745afacefffdaafc72cc176ca7ab817546",
                  "refsource": "CONFIRM",
                  "url": "https://gitweb.torproject.org/tor.git/commit/55f635745afacefffdaafc72cc176ca7ab817546"
                },
                {
                  "name": "openSUSE-SU-2012:1068",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
                },
                {
                  "name": "https://trac.torproject.org/projects/tor/ticket/6530",
                  "refsource": "CONFIRM",
                  "url": "https://trac.torproject.org/projects/tor/ticket/6530"
                },
                {
                  "name": "https://gitweb.torproject.org/tor.git/commit/57e35ad3d91724882c345ac709666a551a977f0f",
                  "refsource": "CONFIRM",
                  "url": "https://gitweb.torproject.org/tor.git/commit/57e35ad3d91724882c345ac709666a551a977f0f"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-3518",
        "datePublished": "2012-08-26T01:00:00.000Z",
        "dateReserved": "2012-06-14T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:05:12.799Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-3519 (GCVE-0-2012-3519)

    Vulnerability from cvelistv5 – Published: 2012-08-26 01:00 – Updated: 2024-08-06 20:05
    VLAI
    Summary
    routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2012-08-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:05:12.746Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-201301-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitweb.torproject.org/tor.git/commit/308f6dad20675c42b29862f4269ad1fbfb00dc9a"
              },
              {
                "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
              },
              {
                "name": "50583",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50583"
              },
              {
                "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://trac.torproject.org/projects/tor/ticket/6537"
              },
              {
                "name": "openSUSE-SU-2012:1068",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://gitweb.torproject.org/tor.git/commit/d48cebc5e498b0ae673635f40fc57cdddab45d5b"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-08-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-10-11T09:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "GLSA-201301-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitweb.torproject.org/tor.git/commit/308f6dad20675c42b29862f4269ad1fbfb00dc9a"
            },
            {
              "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
            },
            {
              "name": "50583",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50583"
            },
            {
              "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://trac.torproject.org/projects/tor/ticket/6537"
            },
            {
              "name": "openSUSE-SU-2012:1068",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://gitweb.torproject.org/tor.git/commit/d48cebc5e498b0ae673635f40fc57cdddab45d5b"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-3519",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "GLSA-201301-03",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
                },
                {
                  "name": "https://gitweb.torproject.org/tor.git/commit/308f6dad20675c42b29862f4269ad1fbfb00dc9a",
                  "refsource": "CONFIRM",
                  "url": "https://gitweb.torproject.org/tor.git/commit/308f6dad20675c42b29862f4269ad1fbfb00dc9a"
                },
                {
                  "name": "[tor-announce] 20120819 Tor 0.2.2.38 is released",
                  "refsource": "MLIST",
                  "url": "https://lists.torproject.org/pipermail/tor-announce/2012-August/000086.html"
                },
                {
                  "name": "50583",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/50583"
                },
                {
                  "name": "[oss-security] 20120821 Re: CVE Request -- Tor 0.2.2.38: Three issues",
                  "refsource": "MLIST",
                  "url": "http://openwall.com/lists/oss-security/2012/08/21/6"
                },
                {
                  "name": "https://trac.torproject.org/projects/tor/ticket/6537",
                  "refsource": "CONFIRM",
                  "url": "https://trac.torproject.org/projects/tor/ticket/6537"
                },
                {
                  "name": "openSUSE-SU-2012:1068",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00048.html"
                },
                {
                  "name": "https://gitweb.torproject.org/tor.git/commit/d48cebc5e498b0ae673635f40fc57cdddab45d5b",
                  "refsource": "CONFIRM",
                  "url": "https://gitweb.torproject.org/tor.git/commit/d48cebc5e498b0ae673635f40fc57cdddab45d5b"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-3519",
        "datePublished": "2012-08-26T01:00:00.000Z",
        "dateReserved": "2012-06-14T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:05:12.746Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }