CVE-2010-0384

Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging of the client IP address upon detection of erroneous client behavior, which might make it easier for local users to discover the identities of clients in opportunistic circumstances by reading log files.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:tor:tor:0.2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.2.2.1:alpha:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.2.2.2:alpha:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.2.2.3:alpha:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.2.2.4:alpha:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.2.2.5:alpha:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:tor:tor:0.2.2.6:alpha:*:*:*:*:*:*

History

No history.

Information

Published : 2010-01-25 19:30

Updated : 2024-02-28 11:41


NVD link : CVE-2010-0384

Mitre link : CVE-2010-0384

CVE.ORG link : CVE-2010-0384


JSON object : View

Products Affected

tor

  • tor
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor