Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging of the client IP address upon detection of erroneous client behavior, which might make it easier for local users to discover the identities of clients in opportunistic circumstances by reading log files.
References
Link | Resource |
---|---|
http://archives.seul.org/or/talk/Jan-2010/msg00162.html |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2010-01-25 19:30
Updated : 2024-02-28 11:41
NVD link : CVE-2010-0384
Mitre link : CVE-2010-0384
CVE.ORG link : CVE-2010-0384
JSON object : View
Products Affected
tor
- tor
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor