CVSS2

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | LOW |
Authentication | NONE |
Confidentiality Impact | NONE |
Integrity Impact | NONE |
Availability Impact | PARTIAL |
Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |

EPSS percentile: 91.9%

The networkstatus_parse_vote_from_string function in routerparse.c in Tor
before 0.2.2.38 does not properly handle an invalid flavor name, which
allows remote attackers to cause a denial of service (out-of-bounds read
and daemon crash) via a crafted (1) vote document or (2) consensus
document.
Author | Note |
---|---|
sbeattie | may have been introduced in 0.2.2.6-alpha |
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
ubuntu | 12.10 | noarch | tor | < 0.2.3.22-rc-1 | UNKNOWN |
ubuntu | 13.04 | noarch | tor | < 0.2.3.22-rc-1 | UNKNOWN |
ubuntu | 13.10 | noarch | tor | < 0.2.3.22-rc-1 | UNKNOWN |
ubuntu | 14.04 | noarch | tor | < 0.2.3.22-rc-1 | UNKNOWN |
ubuntu | 14.10 | noarch | tor | < 0.2.3.22-rc-1 | UNKNOWN |
ubuntu | 15.04 | noarch | tor | < 0.2.3.22-rc-1 | UNKNOWN |
ubuntu | 15.10 | noarch | tor | < 0.2.3.22-rc-1 | UNKNOWN |
ubuntu | 16.04 | noarch | tor | < 0.2.3.22-rc-1 | UNKNOWN |
ubuntu | 16.10 | noarch | tor | < 0.2.3.22-rc-1 | UNKNOWN |
ubuntu | 17.04 | noarch | tor | < 0.2.3.22-rc-1 | UNKNOWN |