1. CVE-Search
  2. CVE-2007-4099
ID CVE-2007-4099
Summary Tor before 0.1.2.15 can select a guard node beyond the first listed never-before-connected-to guard node, which allows remote attackers with control of certain guard nodes to obtain sensitive information and possibly leverage further attacks.
References
Vulnerable Configurations
  • cpe:2.3:a:tor:tor:0.1.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:tor:tor:0.1.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:tor:tor:0.1.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:tor:tor:0.1.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:tor:tor:0.1.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:tor:tor:0.1.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:tor:tor:0.1.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:tor:tor:0.1.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:tor:tor:0.1.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:tor:tor:0.1.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:tor:tor:0.1.0.18:*:*:*:*:*:*:*
    cpe:2.3:a:tor:tor:0.1.0.18:*:*:*:*:*:*:*
  • cpe:2.3:a:tor:tor:0.1.1.1_alpha:*:*:*:*:*:*:*
    cpe:2.3:a:tor:tor:0.1.1.1_alpha:*:*:*:*:*:*:*
  • cpe:2.3:a:tor:tor:0.1.1.2_alpha:*:*:*:*:*:*:*
    cpe:2.3:a:tor:tor:0.1.1.2_alpha:*:*:*:*:*:*:*
  • cpe:2.3:a:tor:tor:0.1.1.3_alpha:*:*:*:*:*:*:*
    cpe:2.3:a:tor:tor:0.1.1.3_alpha:*:*:*:*:*:*:*
  • cpe:2.3:a:tor:tor:0.1.1.4_alpha:*:*:*:*:*:*:*
    cpe:2.3:a:tor:tor:0.1.1.4_alpha:*:*:*:*:*:*:*
  • cpe:2.3:a:tor:tor:0.1.1.5_alpha:*:*:*:*:*:*:*
    cpe:2.3:a:tor:tor:0.1.1.5_alpha:*:*:*:*:*:*:*
  • cpe:2.3:a:tor:tor:0.1.1.20:*:*:*:*:*:*:*
    cpe:2.3:a:tor:tor:0.1.1.20:*:*:*:*:*:*:*
  • cpe:2.3:a:tor:tor:0.1.1.23:*:*:*:*:*:*:*
    cpe:2.3:a:tor:tor:0.1.1.23:*:*:*:*:*:*:*
  • cpe:2.3:a:tor:tor:0.1.2.1_alpha-cvs:*:*:*:*:*:*:*
    cpe:2.3:a:tor:tor:0.1.2.1_alpha-cvs:*:*:*:*:*:*:*
  • cpe:2.3:a:tor:tor:0.1.2.14:*:*:*:*:*:*:*
    cpe:2.3:a:tor:tor:0.1.2.14:*:*:*:*:*:*:*
CVSS
Base: 5.8 (as of 08-03-2011 - 02:57)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:N/A:P
refmap via4
bid 25035
mlist [or-announce] 20070723 Tor 0.1.2.15 is released
osvdb 46971
secunia 26140
vupen ADV-2007-2634
Last major update 08-03-2011 - 02:57
Published 30-07-2007 - 21:17
Last modified 08-03-2011 - 02:57
Back to Top