var-201001-0713
Vulnerability from variot
Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functioning as a bridge directory authority, allows remote attackers to obtain sensitive information about bridge identities and bridge descriptors via a dbg-stability.txt directory query. Tor (The Onion Router) is an implementation of the second generation of onion routing, through which users can communicate anonymously over the Internet. Tor is prone to a remote information-disclosure vulnerability. Exploits will allow attackers to obtain sensitive information that can help them launch further attacks. NOTE: Since certain Tor infrastructures were compromised, new version 3 identity keys have been issued. Versions prior to Tor 0.2.1.22 are vulnerable. ----------------------------------------------------------------------
Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/
TITLE: Tor Directory Authorities Directory Queries Information Disclosure
SECUNIA ADVISORY ID: SA38198
VERIFY ADVISORY: http://secunia.com/advisories/38198/
DESCRIPTION: A security issue has been reported in Tor, which can be exploited by malicious people to disclose potentially sensitive information.
SOLUTION: Update to version 0.2.1.22.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://permalink.gmane.org/gmane.network.onion-routing.announce/30
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201001-0713",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.2.2.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.1.2.5"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.2.2.4"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.2.2.5"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.1.2.9"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.2.2.6"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.2.2.3"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.2.2.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.1.2.7"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.6,
"vendor": "tor",
"version": "0.2.2.7"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.1.1.20"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.1.0.14"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.1.0.13"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.1.0.12"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.1.0.11"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.1.0.10"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.9"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.8"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.7"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.6"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.5"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.4"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.3"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.10"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.0.9"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.3,
"vendor": "tor",
"version": "0.1.2.16"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre25"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.18"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.22"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.7.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.19"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.4"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.23"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.4"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.10"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.30"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.11"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.17"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.7"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.13"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.3"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.15"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre20"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.18"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.6.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.14"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.1_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.4"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.11"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.12"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre17"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.8"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.16"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.20"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.6"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.10_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre18"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.19"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.7"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.9"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.12"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.12"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.10"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.13"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.9"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.21"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.25"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre13"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre22"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.14"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre16"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.14"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre15"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.7_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.15"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.18"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.16"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.4_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.2_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.6"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.8"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre14"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.3"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.6.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.13"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre19"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.17"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.5"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre23"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre27"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.2.1.1.19"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.17"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.9_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre21"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.6_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.7"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.8_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.19"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.2"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.16"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.3_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.21"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.26"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre26"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.7.3"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.5"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.18"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.3"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.15"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.8"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.2.1_alpha-cvs"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.8.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.2_pre24"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.5"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.4"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.0.7.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.0.6"
},
{
"model": "tor",
"scope": "eq",
"trust": 1.0,
"vendor": "tor",
"version": "0.1.1.5_alpha"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.8,
"vendor": "the tor",
"version": "0.2.2.7-alpha"
},
{
"model": "tor",
"scope": "lt",
"trust": 0.8,
"vendor": "the tor",
"version": "0.2.2.x"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.6,
"vendor": "tor",
"version": "0.2.x"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.35"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.34"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.33"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.32"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.31"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.214"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.123"
},
{
"model": ".5-alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.1"
},
{
"model": ".4-alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.1"
},
{
"model": ".3-alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.1"
},
{
"model": ".2-alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.1"
},
{
"model": ".1-alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.1"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.118"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.1.21"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.1.20"
},
{
"model": "tor",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.2.15"
},
{
"model": "alpha-cvs",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.2.1"
},
{
"model": "tor",
"scope": "ne",
"trust": 0.3,
"vendor": "tor",
"version": "0.2.1.22"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"db": "BID",
"id": "37901"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
},
{
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:torproject:tor",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Roger Dingledine",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0385",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2010-0385",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2010-5331",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0385",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2010-0385",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2010-5331",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201001-255",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
},
{
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functioning as a bridge directory authority, allows remote attackers to obtain sensitive information about bridge identities and bridge descriptors via a dbg-stability.txt directory query. Tor (The Onion Router) is an implementation of the second generation of onion routing, through which users can communicate anonymously over the Internet. Tor is prone to a remote information-disclosure vulnerability. \nExploits will allow attackers to obtain sensitive information that can help them launch further attacks. \nNOTE: Since certain Tor infrastructures were compromised, new version 3 identity keys have been issued. \nVersions prior to Tor 0.2.1.22 are vulnerable. ----------------------------------------------------------------------\n\n\n\nSecunia integrated with Microsoft WSUS \nhttp://secunia.com/blog/71/\n\n\n\n----------------------------------------------------------------------\n\nTITLE:\nTor Directory Authorities Directory Queries Information Disclosure\n\nSECUNIA ADVISORY ID:\nSA38198\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38198/\n\nDESCRIPTION:\nA security issue has been reported in Tor, which can be exploited by\nmalicious people to disclose potentially sensitive information. \n\nSOLUTION:\nUpdate to version 0.2.1.22. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://permalink.gmane.org/gmane.network.onion-routing.announce/30\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0385"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"db": "BID",
"id": "37901"
},
{
"db": "PACKETSTORM",
"id": "85478"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0385",
"trust": 3.3
},
{
"db": "BID",
"id": "37901",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "38198",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "61865",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005252",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2010-5331",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[OR-TALK] 20100120 TOR 0.2.2.7-ALPHA IS OUT",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[OR-ANNOUNCE] 20100121 TOR 0.2.1.22 IS RELEASED (SECURITY FIX)",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14397",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201001-255",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "85478",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"db": "BID",
"id": "37901"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"db": "PACKETSTORM",
"id": "85478"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
},
{
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"id": "VAR-201001-0713",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
}
]
},
"last_update_date": "2024-11-23T22:09:13.614000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.torproject.org/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/37901"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/61865"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/38198"
},
{
"trust": 1.6,
"url": "http://archives.seul.org/or/talk/jan-2010/msg00162.html"
},
{
"trust": 1.6,
"url": "http://archives.seul.org/or/announce/jan-2010/msg00000.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0385"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0385"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14397"
},
{
"trust": 0.3,
"url": "http://www.torproject.org/index.html.en"
},
{
"trust": 0.3,
"url": "http://archives.seul.org/or/talk/jan-2010/msg00161.html"
},
{
"trust": 0.1,
"url": "http://permalink.gmane.org/gmane.network.onion-routing.announce/30"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/71/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38198/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"db": "BID",
"id": "37901"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"db": "PACKETSTORM",
"id": "85478"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
},
{
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"db": "BID",
"id": "37901"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"db": "PACKETSTORM",
"id": "85478"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
},
{
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"date": "2010-01-21T00:00:00",
"db": "BID",
"id": "37901"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"date": "2010-01-21T10:22:16",
"db": "PACKETSTORM",
"id": "85478"
},
{
"date": "2010-01-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-255"
},
{
"date": "2010-01-25T19:30:01.697000",
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"date": "2015-04-13T21:03:00",
"db": "BID",
"id": "37901"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005252"
},
{
"date": "2010-01-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-255"
},
{
"date": "2024-11-21T01:12:06.427000",
"db": "NVD",
"id": "CVE-2010-0385"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tor official directory query request sensitive information disclosure vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5331"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-255"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…