Vulnerability Details : CVE-2009-0938
Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service (exit node crash) via "malformed input."
Vulnerability category: Denial of service
Products affected by CVE-2009-0938
- cpe:2.3:a:tor:tor:*:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.16:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.17:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.24:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.25:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.3:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.4:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.5:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.12:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.13:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.20:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.21:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.30:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.28:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.6:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.14:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.15:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.22:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.23:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.31:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.1:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.2:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.10:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.11:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.18:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.19:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.26:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.27:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.29:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.32:alpha:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-0938
0.43%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 75 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-0938
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
References for CVE-2009-0938
-
http://security.gentoo.org/glsa/glsa-200904-11.xml
Tor: Multiple vulnerabilities (GLSA 200904-11) — Gentoo security
-
http://www.securityfocus.com/bid/33713
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/49323
Tor mirrors denial of service CVE-2009-0938 Vulnerability Report
-
http://archives.seul.org/or/announce/Feb-2009/msg00000.html
Tor 0.2.0.34 is released (security fixes)Patch
Jump to