Vulnerability Details : CVE-2017-0375
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2017-0375
Probability of exploitation activity in the next 30 days: 0.37%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 69 %
CVSS scores for CVE-2017-0375
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P | 10.0 | 2.9 | NIST |
7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 | NIST |
CWE ids for CVE-2017-0375
- The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary. Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-0375
- https://github.com/torproject/tor/commit/79b59a2dfcb68897ee89d98587d09e55f07e68d7
  TROVE-2017-004: Fix assertion failure in relay_send_end_cell_from_edge_ · torproject/tor@79b59a2 · GitHub (Issue Tracking; Patch; Vendor Advisory)
- https://lists.torproject.org/pipermail/tor-announce/2017-June/000131.html
  [tor-announce] Tor 0.3.0.8 is released, with security fixes for hidden services. (As are 0.2.4.29, 0.2.5.14, 0.2.6.12, 0.2.7.8, 0.2.8.14, and 0.2.9.11) (Mailing List; Third Party Advisory)
- https://trac.torproject.org/projects/tor/ticket/22493
  #22493 (Fix TROVE-2017-004) – Tor Bug Tracker & Wiki (Issue Tracking)
- http://www.securityfocus.com/bid/99017
  Tor CVE-2017-0375 Remote Denial of Service Vulnerability (Third Party Advisory; VDB Entry)
Products affected by CVE-2017-0375
- cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*