PT-2010-2167 · Tor · Tor
Mike Perry
·
Published
2010-01-25
·
Updated
2011-04-27
·
CVE-2010-0384
CVSS v2.0
2.1
Low
| Vector | AV:L/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Tor versions 0.2.2.x through 0.2.2.7-alpha
Description
The issue allows local users to potentially discover the identities of clients by reading log files when the Tor functions as a directory mirror and detects erroneous client behavior.
Recommendations
For Tor versions 0.2.2.x through 0.2.2.7-alpha, update to version 0.2.2.7-alpha or later to resolve the issue.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tor