CVE-2006-3411

TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote attackers to conduct brute force attacks on the encryption keys.

Affected Software

Name	Vendor	Start Version	End Version
Tor	Tor	0.0.2 (including)	0.0.2 (including)
Tor	Tor	0.0.2_pre13 (including)	0.0.2_pre13 (including)
Tor	Tor	0.0.2_pre14 (including)	0.0.2_pre14 (including)
Tor	Tor	0.0.2_pre15 (including)	0.0.2_pre15 (including)
Tor	Tor	0.0.2_pre16 (including)	0.0.2_pre16 (including)
Tor	Tor	0.0.2_pre17 (including)	0.0.2_pre17 (including)
Tor	Tor	0.0.2_pre18 (including)	0.0.2_pre18 (including)
Tor	Tor	0.0.2_pre19 (including)	0.0.2_pre19 (including)
Tor	Tor	0.0.2_pre20 (including)	0.0.2_pre20 (including)
Tor	Tor	0.0.2_pre21 (including)	0.0.2_pre21 (including)
Tor	Tor	0.0.2_pre22 (including)	0.0.2_pre22 (including)
Tor	Tor	0.0.2_pre23 (including)	0.0.2_pre23 (including)
Tor	Tor	0.0.2_pre24 (including)	0.0.2_pre24 (including)
Tor	Tor	0.0.2_pre25 (including)	0.0.2_pre25 (including)
Tor	Tor	0.0.2_pre26 (including)	0.0.2_pre26 (including)
Tor	Tor	0.0.2_pre27 (including)	0.0.2_pre27 (including)
Tor	Tor	0.0.3 (including)	0.0.3 (including)
Tor	Tor	0.0.4 (including)	0.0.4 (including)
Tor	Tor	0.0.5 (including)	0.0.5 (including)
Tor	Tor	0.0.6 (including)	0.0.6 (including)
Tor	Tor	0.0.6.1 (including)	0.0.6.1 (including)
Tor	Tor	0.0.6.2 (including)	0.0.6.2 (including)
Tor	Tor	0.0.7 (including)	0.0.7 (including)
Tor	Tor	0.0.7.1 (including)	0.0.7.1 (including)
Tor	Tor	0.0.7.2 (including)	0.0.7.2 (including)
Tor	Tor	0.0.7.3 (including)	0.0.7.3 (including)
Tor	Tor	0.0.8 (including)	0.0.8 (including)
Tor	Tor	0.0.8.1 (including)	0.0.8.1 (including)
Tor	Tor	0.0.9 (including)	0.0.9 (including)
Tor	Tor	0.0.9.1 (including)	0.0.9.1 (including)
Tor	Tor	0.0.9.2 (including)	0.0.9.2 (including)
Tor	Tor	0.0.9.3 (including)	0.0.9.3 (including)
Tor	Tor	0.0.9.4 (including)	0.0.9.4 (including)
Tor	Tor	0.0.9.5 (including)	0.0.9.5 (including)
Tor	Tor	0.0.9.6 (including)	0.0.9.6 (including)
Tor	Tor	0.0.9.7 (including)	0.0.9.7 (including)
Tor	Tor	0.0.9.8 (including)	0.0.9.8 (including)
Tor	Tor	0.0.9.9 (including)	0.0.9.9 (including)
Tor	Tor	0.0.9.10 (including)	0.0.9.10 (including)
Tor	Tor	0.1.0.1 (including)	0.1.0.1 (including)
Tor	Tor	0.1.0.2 (including)	0.1.0.2 (including)
Tor	Tor	0.1.0.3 (including)	0.1.0.3 (including)
Tor	Tor	0.1.0.4 (including)	0.1.0.4 (including)
Tor	Tor	0.1.0.5 (including)	0.1.0.5 (including)
Tor	Tor	0.1.0.6 (including)	0.1.0.6 (including)
Tor	Tor	0.1.0.7 (including)	0.1.0.7 (including)
Tor	Tor	0.1.0.8 (including)	0.1.0.8 (including)
Tor	Tor	0.1.0.9 (including)	0.1.0.9 (including)
Tor	Tor	0.1.0.10 (including)	0.1.0.10 (including)
Tor	Tor	0.1.0.11 (including)	0.1.0.11 (including)
Tor	Tor	0.1.0.12 (including)	0.1.0.12 (including)
Tor	Tor	0.1.0.13 (including)	0.1.0.13 (including)
Tor	Tor	0.1.0.14 (including)	0.1.0.14 (including)
Tor	Tor	0.1.0.15 (including)	0.1.0.15 (including)
Tor	Tor	0.1.0.16 (including)	0.1.0.16 (including)
Tor	Tor	0.1.0.17 (including)	0.1.0.17 (including)
Tor	Tor	0.1.0.18 (including)	0.1.0.18 (including)
Tor	Tor	0.1.0.19 (including)	0.1.0.19 (including)
Tor	Tor	0.1.1.1_alpha (including)	0.1.1.1_alpha (including)
Tor	Tor	0.1.1.2_alpha (including)	0.1.1.2_alpha (including)
Tor	Tor	0.1.1.3_alpha (including)	0.1.1.3_alpha (including)
Tor	Tor	0.1.1.4_alpha (including)	0.1.1.4_alpha (including)
Tor	Tor	0.1.1.5_alpha (including)	0.1.1.5_alpha (including)
Tor	Tor	0.1.1.6_alpha (including)	0.1.1.6_alpha (including)
Tor	Tor	0.1.1.7_alpha (including)	0.1.1.7_alpha (including)
Tor	Tor	0.1.1.8_alpha (including)	0.1.1.8_alpha (including)
Tor	Tor	0.1.1.9_alpha (including)	0.1.1.9_alpha (including)
Tor	Tor	0.1.1.10_alpha (including)	0.1.1.10_alpha (including)
Tor	Ubuntu	dapper	*
Tor	Ubuntu	edgy	*
Tor	Ubuntu	feisty	*
Tor	Ubuntu	gutsy	*
Tor	Ubuntu	hardy	*
Tor	Ubuntu	intrepid	*
Tor	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-3411
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References