VAR-201001-0713
Vulnerability from variot - Updated: 2025-04-11 22:59Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functioning as a bridge directory authority, allows remote attackers to obtain sensitive information about bridge identities and bridge descriptors via a dbg-stability.txt directory query. Tor (The Onion Router) is an implementation of the second generation of onion routing, through which users can communicate anonymously over the Internet. Tor is prone to a remote information-disclosure vulnerability. Exploits will allow attackers to obtain sensitive information that can help them launch further attacks. NOTE: Since certain Tor infrastructures were compromised, new version 3 identity keys have been issued. Versions prior to Tor 0.2.1.22 are vulnerable. ----------------------------------------------------------------------
Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/
TITLE: Tor Directory Authorities Directory Queries Information Disclosure
SECUNIA ADVISORY ID: SA38198
VERIFY ADVISORY: http://secunia.com/advisories/38198/
DESCRIPTION: A security issue has been reported in Tor, which can be exploited by malicious people to disclose potentially sensitive information.
SOLUTION: Update to version 0.2.1.22.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://permalink.gmane.org/gmane.network.onion-routing.announce/30
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201001-0713",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.2.2.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.1.2.5"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.2.2.4"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.2.2.5"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.1.2.9"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.2.2.6"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.2.2.3"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.2.2.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.1.2.7"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.2.2.7"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.1.1.20"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.1.0.14"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.1.0.13"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.1.0.12"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.1.0.11"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.1.0.10"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.9"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.8"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.7"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.6"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.5"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.4"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.3"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.10"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.1.2.16"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.7"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.1_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.25"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.21"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.3"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.19"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.8"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.16"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.15"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.7"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.14"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.6"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.8.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.5"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.4"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.10"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.21"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.14"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre21"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.18"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.18"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.1_alpha-cvs"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre14"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.7"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.19"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.16"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.10_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.13"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.16"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.13"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre18"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.3"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.12"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.2_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.17"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.18"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.19"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.4"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre22"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.5_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.23"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.22"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.26"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.4"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.17"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.4_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.8"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.18"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.12"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.6.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.8_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.5"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre16"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.9_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.11"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre17"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.7.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.30"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.8"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.7_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.4"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre27"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.20"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.13"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.17"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.6_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.9"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre24"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.7.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre25"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre13"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre19"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.5"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.15"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.12"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre15"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre23"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.9"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre26"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.6"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.11"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.15"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre20"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.10"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.6.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.14"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.6"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.3_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.7.3"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.3"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.19"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.8,
"vendor": "the tor",
"version": "0.2.2.7-alpha"
},
{
"model": "tor",
"scope": "lt",
"trust": 0.8,
"vendor": "the tor",
"version": "0.2.2.x"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.6,
"vendor": "tor",
"version": "0.2.x"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.35"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.34"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.33"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.32"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.31"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.214"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.123"
},
{
"model": ".5-alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.1"
},
{
"model": ".4-alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.1"
},
{
"model": ".3-alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.1"
},
{
"model": ".2-alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.1"
},
{
"model": ".1-alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.118"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.1.21"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.1.20"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.2.15"
},
{
"model": "alpha-cvs",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.2.1"
},
{
"model": "tor",
"scope": "ne",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.1.22"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"db": "BID",
"id": "37901"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
},
{
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:torproject:tor",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Roger Dingledine",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0385",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2010-0385",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2010-5331",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0385",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2010-0385",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2010-5331",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201001-255",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
},
{
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functioning as a bridge directory authority, allows remote attackers to obtain sensitive information about bridge identities and bridge descriptors via a dbg-stability.txt directory query. Tor (The Onion Router) is an implementation of the second generation of onion routing, through which users can communicate anonymously over the Internet. Tor is prone to a remote information-disclosure vulnerability. \nExploits will allow attackers to obtain sensitive information that can help them launch further attacks. \nNOTE: Since certain Tor infrastructures were compromised, new version 3 identity keys have been issued. \nVersions prior to Tor 0.2.1.22 are vulnerable. ----------------------------------------------------------------------\n\n\n\nSecunia integrated with Microsoft WSUS \nhttp://secunia.com/blog/71/\n\n\n\n----------------------------------------------------------------------\n\nTITLE:\nTor Directory Authorities Directory Queries Information Disclosure\n\nSECUNIA ADVISORY ID:\nSA38198\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38198/\n\nDESCRIPTION:\nA security issue has been reported in Tor, which can be exploited by\nmalicious people to disclose potentially sensitive information. \n\nSOLUTION:\nUpdate to version 0.2.1.22. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://permalink.gmane.org/gmane.network.onion-routing.announce/30\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0385"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"db": "BID",
"id": "37901"
},
{
"db": "PACKETSTORM",
"id": "85478"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0385",
"trust": 3.3
},
{
"db": "BID",
"id": "37901",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "38198",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "61865",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005252",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2010-5331",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[OR-TALK] 20100120 TOR 0.2.2.7-ALPHA IS OUT",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[OR-ANNOUNCE] 20100121 TOR 0.2.1.22 IS RELEASED (SECURITY FIX)",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14397",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201001-255",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "85478",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"db": "BID",
"id": "37901"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"db": "PACKETSTORM",
"id": "85478"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
},
{
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"id": "VAR-201001-0713",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
}
]
},
"last_update_date": "2025-04-11T22:59:43.326000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.torproject.org/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/37901"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/61865"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/38198"
},
{
"trust": 1.6,
"url": "http://archives.seul.org/or/talk/jan-2010/msg00162.html"
},
{
"trust": 1.6,
"url": "http://archives.seul.org/or/announce/jan-2010/msg00000.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0385"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0385"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14397"
},
{
"trust": 0.3,
"url": "http://www.torproject.org/index.html.en"
},
{
"trust": 0.3,
"url": "http://archives.seul.org/or/talk/jan-2010/msg00161.html"
},
{
"trust": 0.1,
"url": "http://permalink.gmane.org/gmane.network.onion-routing.announce/30"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/71/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38198/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"db": "BID",
"id": "37901"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"db": "PACKETSTORM",
"id": "85478"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
},
{
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"db": "BID",
"id": "37901"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"db": "PACKETSTORM",
"id": "85478"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
},
{
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"date": "2010-01-21T00:00:00",
"db": "BID",
"id": "37901"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"date": "2010-01-21T10:22:16",
"db": "PACKETSTORM",
"id": "85478"
},
{
"date": "2010-01-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-255"
},
{
"date": "2010-01-25T19:30:01.697000",
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"date": "2015-04-13T21:03:00",
"db": "BID",
"id": "37901"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"date": "2010-01-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-255"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tor official directory query request sensitive information disclosure vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…