CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
97.0%
Tor is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service.
Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details.
A remote unauthenticated attacker may be able to execute arbitrary code with the privileges of the Tor process or create a Denial of Service.
There is no known workaround at this time.
All Tor users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.1.30"
NOTE: This is a legacy GLSA. Updates for all affected architectures are available since April 2, 2011. It is likely that your system is already no longer affected by this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Gentoo | any | all | net-misc/tor | < 0.2.1.30 | UNKNOWN |