Download
| Alert*
|
oval:org.secpod.oval:def:107121
tor is installed oval:org.secpod.oval:def:602004 Several denial-of-service issues have been discovered in Tor, a connection-based low-latency anonymous communication system. o Jowr discovered that very high DNS query load on a relay could trigger an assertion error. o A relay could crash with an assertion error if a buffer of exactly the wrong lay ... oval:org.secpod.oval:def:2000162 debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was designed to execute aa-exec from the standard system pathname if the apparmor package is installed, but implements this incorrectly , which allows attackers to bypass intended AppArmor restrictions by leveraging the silent loss ... oval:org.secpod.oval:def:603380 It has been discovered that Tor, a connection-based low-latency anonymous communication system, contains a protocol-list handling bug that could be used to remotely crash directory authorities with a null-pointer exception . oval:org.secpod.oval:def:53314 It has been discovered that Tor, a connection-based low-latency anonymous communication system, contains a protocol-list handling bug that could be used to remotely crash directory authorities with a null-pointer exception . oval:org.secpod.oval:def:1800981 An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10. The directory-authority protocol-list subprotocol implementation allows remote attackers to cause a denial of service via a misformatted relay descriptor that is mishandled during voting. Fixed In ... oval:org.secpod.oval:def:1800033 tor is installed oval:org.secpod.oval:def:69811 A denial of service vulnerability was found in Tor, a connection-based low-latency anonymous communication system. For the stable distribution , this problem has been fixed in version 0.3.5.10-1. oval:org.secpod.oval:def:1800248 The rend_service_intro_established function in or/rendservice.c in Tor before 0.2.8.15, 0.2.9.x before 0.2.9.12, 0.3.0.x before 0.3.0.11, 0.3.1.x before 0.3.1.7, and 0.3.2.x before 0.3.2.1-alpha, when SafeLogging is disabled, allows attackers to obtain sensitive information by leveraging access to t ... oval:org.secpod.oval:def:1800032 CVE-2017-8819 In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to trigger thi ... oval:org.secpod.oval:def:107120 Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the circuit ... oval:org.secpod.oval:def:107151 Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the circuit ... oval:org.secpod.oval:def:108632 Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the circuit ... oval:org.secpod.oval:def:108596 Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the circuit ... oval:org.secpod.oval:def:107354 Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the circuit ... oval:org.secpod.oval:def:107335 Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the circuit ... oval:org.secpod.oval:def:108730 Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the circuit ... oval:org.secpod.oval:def:108731 Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the circuit ... oval:org.secpod.oval:def:602026 Several vulnerabilities have been discovered in Tor, a connection-based low-latency anonymous communication system: CVE-2015-2928 "disgleirio" discovered that a malicious client could trigger an assertion failure in a Tor instance providing a hidden service, thus rendering the service inac ... oval:org.secpod.oval:def:601446 tor is installed oval:org.secpod.oval:def:117956 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and indivi ... oval:org.secpod.oval:def:118528 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and indivi ... oval:org.secpod.oval:def:600637 It has been discovered by "frosty_un" that a design flaw in Tor, an online privacy tool, allows malicious relay servers to learn certain information that they should not be able to learn. Specifically, a relay that a user connects to directly could learn which other relays that user is con ... oval:org.secpod.oval:def:117951 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and indivi ... oval:org.secpod.oval:def:600629 It was discovered that Tor, an online privacy tool, incorrectly computes buffer sizes in certain cases involving SOCKS connections. Malicious parties could use this to cause a heap-based buffer overflow, potentially allowing execution of arbitrary code. In Tor"s default configuration this issue can ... oval:org.secpod.oval:def:601740 Several issues have been discovered in Tor, a connection-based low-latency anonymous communication system, resulting in information leaks. o Relay-early cells could be used by colluding relays on the network to tag user circuits and so deploy traffic confirmation attacks [CVE-2014-5117]. The updated ... oval:org.secpod.oval:def:600888 Severel vulnerabilities have been discovered in Tor, an online privacy tool. CVE-2012-3518 Avoid an uninitialised memory read when reading a vote or consensus document that has an unrecognized flavour name. This could lead to a remote, resulting in denial of service. CVE-2012-3519 Try to leak less i ... oval:org.secpod.oval:def:111568 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and indivi ... oval:org.secpod.oval:def:111574 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and indivi ... oval:org.secpod.oval:def:602647 It has been discovered that Tor treats the contents of some buffer chunks as if they were a NUL-terminated string. This issue could enable a remote attacker to crash a Tor client, hidden service, relay, or authority. oval:org.secpod.oval:def:112121 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tors users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals ... oval:org.secpod.oval:def:112142 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tors users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals ... oval:org.secpod.oval:def:113315 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and indivi ... oval:org.secpod.oval:def:113310 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and indivi ... oval:org.secpod.oval:def:113593 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and indivi ... oval:org.secpod.oval:def:602927 It has been discovered that Tor, a connection-based low-latency anonymous communication system, contain a flaw in the hidden service code when receiving a BEGIN_DIR cell on a hidden service rendezvous circuit. A remote attacker can take advantage of this flaw to cause a hidden service to crash with ... oval:org.secpod.oval:def:603124 It was discovered that the Tor onion service could leak sensitive information to log files if the SafeLogging option is set to 0. The oldstable distribution is not affected. oval:org.secpod.oval:def:113785 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and indivi ... oval:org.secpod.oval:def:113786 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and indivi ... oval:org.secpod.oval:def:53201 Multiple vulnerabilities have been found in Tor, a connection-based low-latency anonymous communication system. oval:org.secpod.oval:def:603195 Multiple vulnerabilities have been found in Tor, a connection-based low-latency anonymous communication system. oval:org.secpod.oval:def:114114 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and indivi ... oval:org.secpod.oval:def:114115 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and indivi ... oval:org.secpod.oval:def:3300136 SUSE Security Update: Security update for tor oval:org.secpod.oval:def:3301283 SUSE Security Update: Security update for tor oval:org.secpod.oval:def:3300979 SUSE Security Update: Security update for tor oval:org.secpod.oval:def:116062 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and indivi ... oval:org.secpod.oval:def:116063 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and indivi ... oval:org.secpod.oval:def:1901461 In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before 0.3.5.8, and 0.4.x before 0.4.0.2-alpha, remote denial of service against Tor clients and relays can occur via memory exhaustion in the KIST cell scheduler. oval:org.secpod.oval:def:120393 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tors users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals ... oval:org.secpod.oval:def:120394 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tors users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals ... oval:org.secpod.oval:def:111823 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and indivi ... oval:org.secpod.oval:def:88459 A logic error was discovered in the implementation of the "SafeSocks" option of Tor, a connection-based low-latency anonymous communication system, which did result in allowing unsafe SOCKS4 traffic to pass. oval:org.secpod.oval:def:124888 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individual ... oval:org.secpod.oval:def:605462 Two vulnerabilities were discovered in Tor, a connection-based low-latency anonymous communication system, which could lead to excessive CPU usage or cause a directory authority to crash. oval:org.secpod.oval:def:602707 It was discovered that Tor, a connection-based low-latency anonymous communication system, may read one byte past a buffer when parsing hidden service descriptors. This issue may enable a hostile hidden service to crash Tor clients depending on hardening options and malloc implementation. oval:org.secpod.oval:def:126482 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individual ... oval:org.secpod.oval:def:126481 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individual ... oval:org.secpod.oval:def:126941 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor;s users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individual ... oval:org.secpod.oval:def:126936 The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor;s users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individual ... oval:org.secpod.oval:def:3301599 Security update for tor |
