CVE-2009-0654
Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors involving (1) replaying, (2) modifying, (3) inserting, or (4) deleting a single cell, and then observing cell recognition errors at the exit router. NOTE: the vendor disputes the significance of this issue, noting that the product's design "accepted end-to-end correlation as an attack that is too expensive to solve."Enginsight
Vendor | Product | Version |
---|---|---|
tor | tor | 𝑥 ≤ 0.2.0.34 |
tor | tor | 0.2.0.1 |
tor | tor | 0.2.0.2 |
tor | tor | 0.2.0.3 |
tor | tor | 0.2.0.4 |
tor | tor | 0.2.0.5 |
tor | tor | 0.2.0.6 |
tor | tor | 0.2.0.7 |
tor | tor | 0.2.0.8 |
tor | tor | 0.2.0.9 |
tor | tor | 0.2.0.10 |
tor | tor | 0.2.0.11 |
tor | tor | 0.2.0.12 |
tor | tor | 0.2.0.13 |
tor | tor | 0.2.0.14 |
tor | tor | 0.2.0.15 |
tor | tor | 0.2.0.16 |
tor | tor | 0.2.0.17 |
tor | tor | 0.2.0.18 |
tor | tor | 0.2.0.19 |
tor | tor | 0.2.0.20 |
tor | tor | 0.2.0.21 |
tor | tor | 0.2.0.22 |
tor | tor | 0.2.0.23 |
tor | tor | 0.2.0.24 |
tor | tor | 0.2.0.25 |
tor | tor | 0.2.0.26 |
tor | tor | 0.2.0.27 |
tor | tor | 0.2.0.28 |
tor | tor | 0.2.0.29 |
tor | tor | 0.2.0.30 |
tor | tor | 0.2.0.31 |
tor | tor | 0.2.0.32 |
Debian Releases