Lucene search

RedhatCVE-2012-4419

HistorySep 14, 2012 - 6:55 p.m.

CVE-2012-4419

2012-09-1418:55:04

redhat

web.nvd.nist.gov

cve-2012-4419

tor

denial of service

assertion failure

daemon exit

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

Low

EPSS

0.038

Percentile

91.9%

JSON

The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison.

Affected configurations

Nvd

Node

torprojecttorRange≤0.2.2.38

torprojecttorMatch0.0.2

torprojecttorMatch0.0.2pre13

torprojecttorMatch0.0.2pre14

torprojecttorMatch0.0.2pre15

torprojecttorMatch0.0.2pre16

torprojecttorMatch0.0.2pre17

torprojecttorMatch0.0.2pre18

torprojecttorMatch0.0.2pre19

torprojecttorMatch0.0.2pre20

torprojecttorMatch0.0.2pre21

torprojecttorMatch0.0.2pre22

torprojecttorMatch0.0.2pre23

torprojecttorMatch0.0.2pre24

torprojecttorMatch0.0.2pre25

torprojecttorMatch0.0.2pre26

torprojecttorMatch0.0.2pre27

torprojecttorMatch0.0.3

torprojecttorMatch0.0.4

torprojecttorMatch0.0.5

torprojecttorMatch0.0.6

torprojecttorMatch0.0.6.1

torprojecttorMatch0.0.6.2

torprojecttorMatch0.0.7

torprojecttorMatch0.0.7.1

torprojecttorMatch0.0.7.2

torprojecttorMatch0.0.7.3

torprojecttorMatch0.0.8.1

torprojecttorMatch0.0.9.1

torprojecttorMatch0.0.9.2

torprojecttorMatch0.0.9.3

torprojecttorMatch0.0.9.4

torprojecttorMatch0.0.9.5

torprojecttorMatch0.0.9.6

torprojecttorMatch0.0.9.7

torprojecttorMatch0.0.9.8

torprojecttorMatch0.0.9.9

torprojecttorMatch0.0.9.10

torprojecttorMatch0.1.0.10

torprojecttorMatch0.1.0.11

torprojecttorMatch0.1.0.12

torprojecttorMatch0.1.0.13

torprojecttorMatch0.1.0.14

torprojecttorMatch0.1.0.15

torprojecttorMatch0.1.0.16

torprojecttorMatch0.1.0.17

torprojecttorMatch0.1.1.20

torprojecttorMatch0.1.1.21

torprojecttorMatch0.1.1.22

torprojecttorMatch0.1.1.23

torprojecttorMatch0.1.1.24

torprojecttorMatch0.1.1.25

torprojecttorMatch0.1.1.26

torprojecttorMatch0.1.2.13

torprojecttorMatch0.1.2.14

torprojecttorMatch0.1.2.15

torprojecttorMatch0.1.2.16

torprojecttorMatch0.1.2.17

torprojecttorMatch0.1.2.18

torprojecttorMatch0.1.2.19

torprojecttorMatch0.2.0.30

torprojecttorMatch0.2.0.31

torprojecttorMatch0.2.0.32

torprojecttorMatch0.2.0.33

torprojecttorMatch0.2.0.34

torprojecttorMatch0.2.0.35

torprojecttorMatch0.2.2.18

torprojecttorMatch0.2.2.19

torprojecttorMatch0.2.2.20

torprojecttorMatch0.2.2.21

torprojecttorMatch0.2.2.22

torprojecttorMatch0.2.2.23

torprojecttorMatch0.2.2.24

torprojecttorMatch0.2.2.25

torprojecttorMatch0.2.2.26

torprojecttorMatch0.2.2.27

torprojecttorMatch0.2.2.28

torprojecttorMatch0.2.2.29

torprojecttorMatch0.2.2.30

torprojecttorMatch0.2.2.31

torprojecttorMatch0.2.2.32

torprojecttorMatch0.2.2.33

torprojecttorMatch0.2.2.34

torprojecttorMatch0.2.2.35

torprojecttorMatch0.2.2.36

torprojecttorMatch0.2.2.37

torprojecttorMatch0.2.3

torprojecttorMatch0.2.3.13alpha

torprojecttorMatch0.2.3.14alpha

torprojecttorMatch0.2.3.15alpha

torprojecttorMatch0.2.3.16alpha

torprojecttorMatch0.2.3.17beta

torprojecttorMatch0.2.3.18rc

torprojecttorMatch0.2.3.19rc

torprojecttorMatch0.2.3.20rc

VendorProductVersionCPE
torprojecttor*cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*
torprojecttor0.0.2cpe:2.3:a:torproject:tor:0.0.2:*:*:*:*:*:*:*
torprojecttor0.0.2cpe:2.3:a:torproject:tor:0.0.2:pre13:*:*:*:*:*:*
torprojecttor0.0.2cpe:2.3:a:torproject:tor:0.0.2:pre14:*:*:*:*:*:*
torprojecttor0.0.2cpe:2.3:a:torproject:tor:0.0.2:pre15:*:*:*:*:*:*
torprojecttor0.0.2cpe:2.3:a:torproject:tor:0.0.2:pre16:*:*:*:*:*:*
torprojecttor0.0.2cpe:2.3:a:torproject:tor:0.0.2:pre17:*:*:*:*:*:*
torprojecttor0.0.2cpe:2.3:a:torproject:tor:0.0.2:pre18:*:*:*:*:*:*
torprojecttor0.0.2cpe:2.3:a:torproject:tor:0.0.2:pre19:*:*:*:*:*:*
torprojecttor0.0.2cpe:2.3:a:torproject:tor:0.0.2:pre20:*:*:*:*:*:*

Vendor	Product	Version	CPE
torproject	tor	*	cpe:2.3:a:torproject:tor::::::::
torproject	tor	0.0.2	cpe:2.3:a:torproject:tor:0.0.2:::::::*
torproject	tor	0.0.2	cpe:2.3:a:torproject:tor:0.0.2:pre13::::::
torproject	tor	0.0.2	cpe:2.3:a:torproject:tor:0.0.2:pre14::::::
torproject	tor	0.0.2	cpe:2.3:a:torproject:tor:0.0.2:pre15::::::
torproject	tor	0.0.2	cpe:2.3:a:torproject:tor:0.0.2:pre16::::::
torproject	tor	0.0.2	cpe:2.3:a:torproject:tor:0.0.2:pre17::::::
torproject	tor	0.0.2	cpe:2.3:a:torproject:tor:0.0.2:pre18::::::
torproject	tor	0.0.2	cpe:2.3:a:torproject:tor:0.0.2:pre19::::::
torproject	tor	0.0.2	cpe:2.3:a:torproject:tor:0.0.2:pre20::::::