CVE-2007-4098

Tor before 0.1.2.15 does not properly distinguish "streamids from different exits," which might allow remote attackers with control over Tor routers to inject cells into arbitrary streams.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:tor:tor:0.1.0.10:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.0.11:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.0.12:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.0.13:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.0.14:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.0.18:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.1.1_alpha:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.1.2_alpha:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.1.3_alpha:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.1.4_alpha:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.1.5_alpha:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.1.20:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.1.23:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.2.1_alpha-cvs:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.1.2.14:*:*:*:*:*:*:*

History

21 Nov 2024, 00:34

Type Values Removed Values Added
References () http://archives.seul.org/or/announce/Jul-2007/msg00000.html - Patch () http://archives.seul.org/or/announce/Jul-2007/msg00000.html - Patch
References () http://osvdb.org/46970 - () http://osvdb.org/46970 -
References () http://secunia.com/advisories/26140 - Patch, Vendor Advisory () http://secunia.com/advisories/26140 - Patch, Vendor Advisory
References () http://www.securityfocus.com/bid/25035 - Patch () http://www.securityfocus.com/bid/25035 - Patch
References () http://www.vupen.com/english/advisories/2007/2634 - () http://www.vupen.com/english/advisories/2007/2634 -

Information

Published : 2007-07-30 21:17

Updated : 2024-11-21 00:34


NVD link : CVE-2007-4098

Mitre link : CVE-2007-4098

CVE.ORG link : CVE-2007-4098


JSON object : View

Products Affected

tor

  • tor