The connection_edge_process_relay_cell_not_open function in src/or/relay.c in Tor 0.2.x before 0.2.0.35 and 0.1.x before 0.1.2.8-beta allows exit relays to have an unspecified impact by causing controllers to accept DNS responses that redirect to an internal IP address via unknown vectors. NOTE: some of these details are obtained from third party information.
Max CVSS
5.0
EPSS Score
0.39%
Published
2009-07-10
Updated
2017-08-17
Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack vectors related to "Spec conformance," as demonstrated using 192.168.0.
Max CVSS
10.0
EPSS Score
0.38%
Published
2009-03-18
Updated
2009-04-18
Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service (exit node crash) via "malformed input."
Max CVSS
5.0
EPSS Score
0.41%
Published
2009-03-18
Updated
2017-08-17
Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service via unknown vectors.
Max CVSS
5.0
EPSS Score
0.34%
Published
2009-03-18
Updated
2009-04-18
Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to cause a denial of service (infinite loop) via "corrupt votes."
Max CVSS
5.0
EPSS Score
0.34%
Published
2009-03-18
Updated
2009-04-18
Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors that trigger heap corruption.
Max CVSS
10.0
EPSS Score
1.55%
Published
2009-02-03
Updated
2011-03-08
6 vulnerabilities found