Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2009-0654
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors involving (1) replaying, (2) modifying, (3) inserting, or (4) deleting a single cell, and then observing cell recognition errors at the exit router. NOTE: the vendor disputes the significance of this issue, noting that the product's design "accepted end-to-end correlation as an attack that is too expensive to solve.".
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 5.1/10
- Exploit Score
- 4.9/10
- Access Vector
- Network
- Access Complexity
- High
- Authentication Required
- None
- Impact Score
- 6.4/10
- Confidentiality Impact
- Partial
- Availability Impact
- Partial
- Integrity Impact
- Partial
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:a:tor:tor:0.2.0.11:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.22:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.19:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.31:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.14:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.28:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.17:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.25:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.26:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.12:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.3:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.7:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.18:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.4:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.27:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.32:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.15:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.9:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.2:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.8:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.24:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.21:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.20:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.13:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:*:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.1:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.23:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.10:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.29:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.30:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.6:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.16:alpha:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tor:tor:0.2.0.5:alpha:*:*:*:*:*:* |
Yes
|
- | - |