Vulnerability Details CVE-2007-3165
Tor before 0.1.2.14 can construct circuits in which an entry guard is in the same family as the exit node, which might compromise the anonymity of traffic sources and destinations by exposing traffic to inappropriate remote observers.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.8%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.seul.org/or/announce/May-2007/msg00000.html
- http://osvdb.org/35670
- http://secunia.com/advisories/25415
- http://www.securityfocus.com/bid/24180
- http://www.vupen.com/english/advisories/2007/1964
- http://archives.seul.org/or/announce/May-2007/msg00000.html
- http://osvdb.org/35670
- http://secunia.com/advisories/25415
- http://www.securityfocus.com/bid/24180
- http://www.vupen.com/english/advisories/2007/1964
Products affected by CVE-2007-3165
-
cpe:2.3:a:tor:tor:0.0.9
-
cpe:2.3:a:tor:tor:0.0.9.1
-
cpe:2.3:a:tor:tor:0.0.9.10
-
cpe:2.3:a:tor:tor:0.0.9.2
-
cpe:2.3:a:tor:tor:0.0.9.3
-
cpe:2.3:a:tor:tor:0.0.9.4
-
cpe:2.3:a:tor:tor:0.0.9.5
-
cpe:2.3:a:tor:tor:0.0.9.6
-
cpe:2.3:a:tor:tor:0.0.9.7
-
cpe:2.3:a:tor:tor:0.0.9.8
-
cpe:2.3:a:tor:tor:0.0.9.9
-
cpe:2.3:a:tor:tor:0.1.0.10
-
cpe:2.3:a:tor:tor:0.1.0.11
-
cpe:2.3:a:tor:tor:0.1.0.12
-
cpe:2.3:a:tor:tor:0.1.0.13
-
cpe:2.3:a:tor:tor:0.1.0.14
-
cpe:2.3:a:tor:tor:0.1.1.1_alpha
-
cpe:2.3:a:tor:tor:0.1.1.20
-
cpe:2.3:a:tor:tor:0.1.1.23
-
cpe:2.3:a:tor:tor:0.1.1.2_alpha
-
cpe:2.3:a:tor:tor:0.1.1.3_alpha
-
cpe:2.3:a:tor:tor:0.1.1.4_alpha
-
cpe:2.3:a:tor:tor:0.1.1.5_alpha
-
cpe:2.3:a:tor:tor:0.1.2.1_alpha-cvs