The Hidden Service (HS) server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors.
Source: MITRE
Published: 2020-01-24
Updated: 2020-02-01
Type: NVD-CWE-noinfo
Base Score: 5
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 10
Severity: MEDIUM
Base Score: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 3.9
Severity: HIGH
OR
cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
84556 | GLSA-201507-02 : Tor: Denial of Service | Nessus | Gentoo Local Security Checks | medium |
83097 | Mandriva Linux Security Advisory : tor (MDVSA-2015:205) | Nessus | Mandriva Local Security Checks | medium |
82969 | Fedora 22 : tor-0.2.5.12-1.fc22 (2015-5890) | Nessus | Fedora Local Security Checks | medium |
82883 | Fedora 20 : tor-0.2.5.12-1.fc20 (2015-5732) | Nessus | Fedora Local Security Checks | medium |
82882 | Fedora 21 : tor-0.2.5.12-1.fc21 (2015-5729) | Nessus | Fedora Local Security Checks | medium |
82754 | openSUSE Security Update : tor (openSUSE-2015-300) | Nessus | SuSE Local Security Checks | medium |
82624 | Debian DSA-3216-1 : tor - security update | Nessus | Debian Local Security Checks | medium |
82594 | Debian DLA-187-1 : tor security update | Nessus | Debian Local Security Checks | medium |