Lucene search

MitreCVE-2006-3414

HistoryJul 07, 2006 - 12:05 a.m.

CVE-2006-3414

2006-07-0700:05:00

mitre

web.nvd.nist.gov

cve-2006-3414

tor

vulnerability

hostname

descriptor

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.007

Percentile

79.7%

JSON

Tor before 0.1.1.20 supports server descriptors that contain hostnames instead of IP addresses, which allows remote attackers to arbitrarily group users by providing preferential address resolution.

Affected configurations

Nvd

Node

tortorMatch0.0.2

tortorMatch0.0.2_pre13

tortorMatch0.0.2_pre14

tortorMatch0.0.2_pre15

tortorMatch0.0.2_pre16

tortorMatch0.0.2_pre17

tortorMatch0.0.2_pre18

tortorMatch0.0.2_pre19

tortorMatch0.0.2_pre20

tortorMatch0.0.2_pre21

tortorMatch0.0.2_pre22

tortorMatch0.0.2_pre23

tortorMatch0.0.2_pre24

tortorMatch0.0.2_pre25

tortorMatch0.0.2_pre26

tortorMatch0.0.2_pre27

tortorMatch0.0.3

tortorMatch0.0.4

tortorMatch0.0.5

tortorMatch0.0.6

tortorMatch0.0.6.1

tortorMatch0.0.6.2

tortorMatch0.0.7

tortorMatch0.0.7.1

tortorMatch0.0.7.2

tortorMatch0.0.7.3

tortorMatch0.0.8

tortorMatch0.0.8.1

tortorMatch0.0.9

tortorMatch0.0.9.1

tortorMatch0.0.9.2

tortorMatch0.0.9.3

tortorMatch0.0.9.4

tortorMatch0.0.9.5

tortorMatch0.0.9.6

tortorMatch0.0.9.7

tortorMatch0.0.9.8

tortorMatch0.0.9.9

tortorMatch0.0.9.10

tortorMatch0.1.0.1

tortorMatch0.1.0.2

tortorMatch0.1.0.3

tortorMatch0.1.0.4

tortorMatch0.1.0.5

tortorMatch0.1.0.6

tortorMatch0.1.0.7

tortorMatch0.1.0.8

tortorMatch0.1.0.9

tortorMatch0.1.0.10

tortorMatch0.1.0.11

tortorMatch0.1.0.12

tortorMatch0.1.0.13

tortorMatch0.1.0.14

tortorMatch0.1.0.15

tortorMatch0.1.0.16

tortorMatch0.1.0.17

tortorMatch0.1.0.18

tortorMatch0.1.0.19

tortorMatch0.1.1.1_alpha

tortorMatch0.1.1.2_alpha

tortorMatch0.1.1.3_alpha

tortorMatch0.1.1.4_alpha

tortorMatch0.1.1.5_alpha

tortorMatch0.1.1.6_alpha

tortorMatch0.1.1.7_alpha

tortorMatch0.1.1.8_alpha

tortorMatch0.1.1.9_alpha

tortorMatch0.1.1.10_alpha

VendorProductVersionCPE
tortor0.0.2cpe:2.3:a:tor:tor:0.0.2:*:*:*:*:*:*:*
tortor0.0.2_pre13cpe:2.3:a:tor:tor:0.0.2_pre13:*:*:*:*:*:*:*
tortor0.0.2_pre14cpe:2.3:a:tor:tor:0.0.2_pre14:*:*:*:*:*:*:*
tortor0.0.2_pre15cpe:2.3:a:tor:tor:0.0.2_pre15:*:*:*:*:*:*:*
tortor0.0.2_pre16cpe:2.3:a:tor:tor:0.0.2_pre16:*:*:*:*:*:*:*
tortor0.0.2_pre17cpe:2.3:a:tor:tor:0.0.2_pre17:*:*:*:*:*:*:*
tortor0.0.2_pre18cpe:2.3:a:tor:tor:0.0.2_pre18:*:*:*:*:*:*:*
tortor0.0.2_pre19cpe:2.3:a:tor:tor:0.0.2_pre19:*:*:*:*:*:*:*
tortor0.0.2_pre20cpe:2.3:a:tor:tor:0.0.2_pre20:*:*:*:*:*:*:*
tortor0.0.2_pre21cpe:2.3:a:tor:tor:0.0.2_pre21:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tor	tor	0.0.2	cpe:2.3:a:tor:tor:0.0.2:::::::*
tor	tor	0.0.2_pre13	cpe:2.3:a:tor:tor:0.0.2_pre13:::::::*
tor	tor	0.0.2_pre14	cpe:2.3:a:tor:tor:0.0.2_pre14:::::::*
tor	tor	0.0.2_pre15	cpe:2.3:a:tor:tor:0.0.2_pre15:::::::*
tor	tor	0.0.2_pre16	cpe:2.3:a:tor:tor:0.0.2_pre16:::::::*
tor	tor	0.0.2_pre17	cpe:2.3:a:tor:tor:0.0.2_pre17:::::::*
tor	tor	0.0.2_pre18	cpe:2.3:a:tor:tor:0.0.2_pre18:::::::*
tor	tor	0.0.2_pre19	cpe:2.3:a:tor:tor:0.0.2_pre19:::::::*
tor	tor	0.0.2_pre20	cpe:2.3:a:tor:tor:0.0.2_pre20:::::::*
tor	tor	0.0.2_pre21	cpe:2.3:a:tor:tor:0.0.2_pre21:::::::*

Rows per page:

1-10 of 681

References

secunia.com/advisories/20514

security.gentoo.org/glsa/glsa-200606-04.xml

tor.eff.org/cvs/tor/ChangeLog

www.osvdb.org/25877

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.007

Percentile

79.7%

JSON

Related for CVE-2006-3414