actually this is result on my recent vulnerability scan on the TOR website below:
135/tcp filtered msrpc no-response
139/tcp filtered netbios-ssn no-response
443/tcp open https syn-ack ttl 51
|_http-csrf: Couldn’t find any CSRF vulnerabilities.
|_http-dombased-xss: Couldn’t find any DOM based XSS.
| http-iis-webdav-vuln:
|_ ERROR: This web server is not supported.
| http-slowloris-check:
| VULNERABLE:
| Slowloris DOS attack
| State: LIKELY VULNERABLE
| IDs: CVE:CVE-2007-6750
| Slowloris tries to keep many connections to the target web server open and hold
| them open as long as possible. It accomplishes this by opening connections to
| the target web server and sending a partial request. By doing so, it starves
| the http server’s resources causing Denial Of Service.