Vulnerability Details : CVE-2011-0491
The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not validate a certain size value during memory allocation, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors, related to "underflow errors."
Vulnerability category: Input validationDenial of service
Products affected by CVE-2011-0491
- cpe:2.3:a:tor:tor:*:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.9.9:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.9.7:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.9.8:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2_pre13:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2_pre14:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2_pre22:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2_pre23:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2_pre15:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2_pre16:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2_pre24:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2_pre25:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.9.10:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2_pre20:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2_pre21:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2_pre17:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2_pre18:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2_pre19:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2_pre26:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.2_pre27:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.22:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.20:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.21:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.18:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.19:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.26:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.23:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.14:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.8:beta:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.7:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.13:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.6:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.5:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.3:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.19:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.30:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.15:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.17:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.18:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.16:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.8:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.9:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.16:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.17:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.24:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.25:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.25:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.3:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.4:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.5:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.12:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.13:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.20:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.21:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.30:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.28:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.6:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.7:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.14:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.15:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.22:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.23:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.31:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.31:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.1:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.2:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.10:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.11:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.18:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.19:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.26:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.27:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.29:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.32:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.35:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.34:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.33:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.6:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.3:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.7:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.5:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.4:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.1:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.2:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.11:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.12:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.19:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.13:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.14:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.9:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.10:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.17:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.18:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.8:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.15:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.16:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.11:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.12:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.19:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.20:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.25:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.27:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.8:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.8:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.5:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.3:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.4:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.5:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.6:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.2:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.1:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.10:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.2.20:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.1:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.21:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.22:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.23:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.24:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.31:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.30:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.0.29:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.2.1:alpha-cvs:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.7:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.6:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.9:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.10:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.18:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.2:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.26:*:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.7:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.2.1.9:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.3:alpha:*:*:*:*:*:*
- cpe:2.3:a:tor:tor:0.1.1.4:alpha:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-0491
2.28%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 88 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-0491
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2011-0491
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-0491
-
https://gitweb.torproject.org/tor.git/blob/refs/heads/release-0.2.2:/ChangeLog
Patch
-
http://blog.torproject.org/blog/tor-02129-released-security-patches
Tor 0.2.1.29 is released (security patches) | Tor BlogPatch;Vendor Advisory
-
https://trac.torproject.org/projects/tor/ticket/2324
#2324 (realloc should check SIZE_T_CEILING too?) – Tor Bug Tracker & Wiki
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/64888
Tor tor_realloc() denial of service CVE-2011-0491 Vulnerability Report
-
http://archives.seul.org/or/announce/Jan-2011/msg00000.html
Tor 0.2.1.29 is released (security patches)Patch
-
http://www.securityfocus.com/bid/45953
Tor Multiple Denial of Service Vulnerabilities
Jump to