PT-2017-18553 · Tor+1 · Tor+1
Publicado
2017-12-01
·
Atualizado
2024-06-15
·
CVE-2017-8819
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Tor versions 0.2.5 through 0.2.5.15
Tor versions 0.2.6 through 0.2.8.16
Tor versions 0.2.9 through 0.2.9.13
Tor versions 0.3.0 through 0.3.0.12
Tor versions 0.3.1 through 0.3.1.8
Description
The replay-cache protection mechanism is ineffective for v2 onion services. An attacker can send many INTRODUCE2 cells to trigger this issue.
Recommendations
For Tor versions 0.2.5 through 0.2.5.15, update to version 0.2.5.16 or later.
For Tor versions 0.2.6 through 0.2.8.16, update to version 0.2.8.17 or later.
For Tor versions 0.2.9 through 0.2.9.13, update to version 0.2.9.14 or later.
For Tor versions 0.3.0 through 0.3.0.12, update to version 0.3.0.13 or later.
For Tor versions 0.3.1 through 0.3.1.8, update to version 0.3.1.9 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Alt Linux
Tor