CVE Vulnerabilities

CVE-2007-4098

Published: Jul 30, 2007 | Modified: Mar 08, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.8 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Tor before 0.1.2.15 does not properly distinguish streamids from different exits, which might allow remote attackers with control over Tor routers to inject cells into arbitrary streams.

Affected Software

Name Vendor Start Version End Version
Tor Tor 0.1.1.1_alpha 0.1.1.1_alpha
Tor Tor 0.1.2.1_alpha-cvs 0.1.2.1_alpha-cvs
Tor Tor 0.1.0.18 0.1.0.18
Tor Tor 0.1.1.23 0.1.1.23
Tor Tor 0.1.0.10 0.1.0.10
Tor Tor 0.1.0.12 0.1.0.12
Tor Tor 0.1.1.3_alpha 0.1.1.3_alpha
Tor Tor 0.1.2.14 0.1.2.14
Tor Tor 0.1.0.13 0.1.0.13
Tor Tor 0.1.0.14 0.1.0.14
Tor Tor 0.1.1.4_alpha 0.1.1.4_alpha
Tor Tor 0.1.1.2_alpha 0.1.1.2_alpha
Tor Tor 0.1.1.20 0.1.1.20
Tor Tor 0.1.1.5_alpha 0.1.1.5_alpha
Tor Tor 0.1.0.11 0.1.0.11

References