CVE-2007-4098

Sažetak

Tor before 0.1.2.15 does not properly distinguish "streamids from different exits," which might allow remote attackers with control over Tor routers to inject cells into arbitrary streams.

Reference

http://archives.seul.org/or/announce/Jul-2007/msg00000.html
http://osvdb.org/46970
http://secunia.com/advisories/26140
http://www.securityfocus.com/bid/25035
http://www.vupen.com/english/advisories/2007/2634

CVSS

Base:	5.8
Impact:	4.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:P

Zadnje važnije ažuriranje

08-03-2011 - 02:57

Objavljeno

30-07-2007 - 21:17