CVE-2006-3417

Tor client before 0.1.1.20 prefers entry points based on is_fast or is_stable flags, which could allow remote attackers to be preferred over nodes that are identified as more trustworthy entry guard (is_guard) systems by directory authorities.

Affected Software

Name	Vendor	Start Version	End Version
Tor	Tor	0.0.2 (including)	0.0.2 (including)
Tor	Tor	0.0.2_pre13 (including)	0.0.2_pre13 (including)
Tor	Tor	0.0.2_pre14 (including)	0.0.2_pre14 (including)
Tor	Tor	0.0.2_pre15 (including)	0.0.2_pre15 (including)
Tor	Tor	0.0.2_pre16 (including)	0.0.2_pre16 (including)
Tor	Tor	0.0.2_pre17 (including)	0.0.2_pre17 (including)
Tor	Tor	0.0.2_pre18 (including)	0.0.2_pre18 (including)
Tor	Tor	0.0.2_pre19 (including)	0.0.2_pre19 (including)
Tor	Tor	0.0.2_pre20 (including)	0.0.2_pre20 (including)
Tor	Tor	0.0.2_pre21 (including)	0.0.2_pre21 (including)
Tor	Tor	0.0.2_pre22 (including)	0.0.2_pre22 (including)
Tor	Tor	0.0.2_pre23 (including)	0.0.2_pre23 (including)
Tor	Tor	0.0.2_pre24 (including)	0.0.2_pre24 (including)
Tor	Tor	0.0.2_pre25 (including)	0.0.2_pre25 (including)
Tor	Tor	0.0.2_pre26 (including)	0.0.2_pre26 (including)
Tor	Tor	0.0.2_pre27 (including)	0.0.2_pre27 (including)
Tor	Tor	0.0.3 (including)	0.0.3 (including)
Tor	Tor	0.0.4 (including)	0.0.4 (including)
Tor	Tor	0.0.5 (including)	0.0.5 (including)
Tor	Tor	0.0.6 (including)	0.0.6 (including)
Tor	Tor	0.0.6.1 (including)	0.0.6.1 (including)
Tor	Tor	0.0.6.2 (including)	0.0.6.2 (including)
Tor	Tor	0.0.7 (including)	0.0.7 (including)
Tor	Tor	0.0.7.1 (including)	0.0.7.1 (including)
Tor	Tor	0.0.7.2 (including)	0.0.7.2 (including)
Tor	Tor	0.0.7.3 (including)	0.0.7.3 (including)
Tor	Tor	0.0.8 (including)	0.0.8 (including)
Tor	Tor	0.0.8.1 (including)	0.0.8.1 (including)
Tor	Tor	0.0.9 (including)	0.0.9 (including)
Tor	Tor	0.0.9.1 (including)	0.0.9.1 (including)
Tor	Tor	0.0.9.2 (including)	0.0.9.2 (including)
Tor	Tor	0.0.9.3 (including)	0.0.9.3 (including)
Tor	Tor	0.0.9.4 (including)	0.0.9.4 (including)
Tor	Tor	0.0.9.5 (including)	0.0.9.5 (including)
Tor	Tor	0.0.9.6 (including)	0.0.9.6 (including)
Tor	Tor	0.0.9.7 (including)	0.0.9.7 (including)
Tor	Tor	0.0.9.8 (including)	0.0.9.8 (including)
Tor	Tor	0.0.9.9 (including)	0.0.9.9 (including)
Tor	Tor	0.0.9.10 (including)	0.0.9.10 (including)
Tor	Tor	0.1.0.1 (including)	0.1.0.1 (including)
Tor	Tor	0.1.0.2 (including)	0.1.0.2 (including)
Tor	Tor	0.1.0.3 (including)	0.1.0.3 (including)
Tor	Tor	0.1.0.4 (including)	0.1.0.4 (including)
Tor	Tor	0.1.0.5 (including)	0.1.0.5 (including)
Tor	Tor	0.1.0.6 (including)	0.1.0.6 (including)
Tor	Tor	0.1.0.7 (including)	0.1.0.7 (including)
Tor	Tor	0.1.0.8 (including)	0.1.0.8 (including)
Tor	Tor	0.1.0.9 (including)	0.1.0.9 (including)
Tor	Tor	0.1.0.10 (including)	0.1.0.10 (including)
Tor	Tor	0.1.0.11 (including)	0.1.0.11 (including)
Tor	Tor	0.1.0.12 (including)	0.1.0.12 (including)
Tor	Tor	0.1.0.13 (including)	0.1.0.13 (including)
Tor	Tor	0.1.0.14 (including)	0.1.0.14 (including)
Tor	Tor	0.1.0.15 (including)	0.1.0.15 (including)
Tor	Tor	0.1.0.16 (including)	0.1.0.16 (including)
Tor	Tor	0.1.0.17 (including)	0.1.0.17 (including)
Tor	Tor	0.1.0.18 (including)	0.1.0.18 (including)
Tor	Tor	0.1.0.19 (including)	0.1.0.19 (including)
Tor	Tor	0.1.1.1_alpha (including)	0.1.1.1_alpha (including)
Tor	Tor	0.1.1.2_alpha (including)	0.1.1.2_alpha (including)
Tor	Tor	0.1.1.3_alpha (including)	0.1.1.3_alpha (including)
Tor	Tor	0.1.1.4_alpha (including)	0.1.1.4_alpha (including)
Tor	Tor	0.1.1.5_alpha (including)	0.1.1.5_alpha (including)
Tor	Tor	0.1.1.6_alpha (including)	0.1.1.6_alpha (including)
Tor	Tor	0.1.1.7_alpha (including)	0.1.1.7_alpha (including)
Tor	Tor	0.1.1.8_alpha (including)	0.1.1.8_alpha (including)
Tor	Tor	0.1.1.9_alpha (including)	0.1.1.9_alpha (including)
Tor	Tor	0.1.1.10_alpha (including)	0.1.1.10_alpha (including)
Tor	Ubuntu	dapper	*
Tor	Ubuntu	edgy	*
Tor	Ubuntu	feisty	*
Tor	Ubuntu	gutsy	*
Tor	Ubuntu	hardy	*
Tor	Ubuntu	intrepid	*
Tor	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-3417
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References