PT-2010-2166 · Tor · Tor
Roger Dingledine
·
Publicado
2010-01-25
·
Atualizado
2010-02-05
·
CVE-2010-0383
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Tor versions prior to 0.2.1.22
Tor versions 0.2.2.x prior to 0.2.2.7-alpha
Description
The issue makes it easier for man-in-the-middle attackers to compromise the anonymity of traffic sources and destinations due to the use of deprecated identity keys for certain directory authorities.
Recommendations
For Tor versions prior to 0.2.1.22, update to version 0.2.1.22 or later.
For Tor versions 0.2.2.x prior to 0.2.2.7-alpha, update to version 0.2.2.7-alpha or later.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Tor