CVE-2006-4508 : Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and 0.1.1.x before

Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and 0.1.1.x before 0.1.1.23, and (2) ScatterChat before 1.0.2, allows remote attackers operating a Tor entry node to route arbitrary Tor traffic through clients or cause a denial of service (flood) via unspecified vectors.

Published 2006-08-31 23:04:00

Updated 2017-07-20 01:33:09

Source MITRE

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2006-4508

TOR » TOR » Version: 0.1.0.1
cpe:2.3:a:tor:tor:0.1.0.1:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.4
cpe:2.3:a:tor:tor:0.1.0.4:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.5
cpe:2.3:a:tor:tor:0.1.0.5:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.10
cpe:2.3:a:tor:tor:0.1.0.10:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.11
cpe:2.3:a:tor:tor:0.1.0.11:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.6
cpe:2.3:a:tor:tor:0.1.0.6:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.7
cpe:2.3:a:tor:tor:0.1.0.7:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.12
cpe:2.3:a:tor:tor:0.1.0.12:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.13
cpe:2.3:a:tor:tor:0.1.0.13:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.8
cpe:2.3:a:tor:tor:0.1.0.8:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.9
cpe:2.3:a:tor:tor:0.1.0.9:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.2
cpe:2.3:a:tor:tor:0.1.0.2:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.3
cpe:2.3:a:tor:tor:0.1.0.3:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.14
cpe:2.3:a:tor:tor:0.1.0.14:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.15
cpe:2.3:a:tor:tor:0.1.0.15:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.16
cpe:2.3:a:tor:tor:0.1.0.16:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.0.17
cpe:2.3:a:tor:tor:0.1.0.17:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.14
cpe:2.3:a:tor:tor:0.1.1.14:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.15
cpe:2.3:a:tor:tor:0.1.1.15:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.22
cpe:2.3:a:tor:tor:0.1.1.22:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.3
cpe:2.3:a:tor:tor:0.1.1.3:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.12
cpe:2.3:a:tor:tor:0.1.1.12:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.13
cpe:2.3:a:tor:tor:0.1.1.13:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.20
cpe:2.3:a:tor:tor:0.1.1.20:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.21
cpe:2.3:a:tor:tor:0.1.1.21:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.8
cpe:2.3:a:tor:tor:0.1.1.8:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.9
cpe:2.3:a:tor:tor:0.1.1.9:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.1
cpe:2.3:a:tor:tor:0.1.1.1:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.16
cpe:2.3:a:tor:tor:0.1.1.16:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.17
cpe:2.3:a:tor:tor:0.1.1.17:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.18
cpe:2.3:a:tor:tor:0.1.1.18:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.4
cpe:2.3:a:tor:tor:0.1.1.4:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.5
cpe:2.3:a:tor:tor:0.1.1.5:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.10
cpe:2.3:a:tor:tor:0.1.1.10:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.11
cpe:2.3:a:tor:tor:0.1.1.11:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.19
cpe:2.3:a:tor:tor:0.1.1.19:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.2
cpe:2.3:a:tor:tor:0.1.1.2:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.6
cpe:2.3:a:tor:tor:0.1.1.6:*:*:*:*:*:*:*
Matching versions
TOR » TOR » Version: 0.1.1.7
cpe:2.3:a:tor:tor:0.1.1.7:*:*:*:*:*:*:*
Matching versions
Scatterchat » Scatterchat
Versions up to, including, (<=) 1.0.1
cpe:2.3:a:scatterchat:scatterchat:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2006-4508

EPSS FAQ

1.56%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 87 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-4508

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.0	MEDIUM	AV:N/AC:H/Au:N/C:P/I:N/A:P	4.9	4.9	NIST
Access Vector: Network Access Complexity: High Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: Partial

References for CVE-2006-4508

https://exchange.xforce.ibmcloud.com/vulnerabilities/28686

Tor traffic routing denial of service CVE-2006-4508 Vulnerability Report
http://www.scatterchat.com/advisories/2006-02_tech.html

Attention Required! | Cloudflare
Patch;Vendor Advisory
http://www.securityfocus.com/bid/19785

Patch
http://archives.seul.org/or/announce/Aug-2006/msg00001.html

Tor security advisory: clients will route traffic
Patch

Jump to

Vulnerability Details : CVE-2006-4508

Products affected by CVE-2006-4508

Exploit prediction scoring system (EPSS) score for CVE-2006-4508

CVSS scores for CVE-2006-4508

References for CVE-2006-4508