'Re: [oss-security] CVE id request: Tor <0.2.0.34 multiple DoS'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE id request: Tor <0.2.0.34 multiple DoS
From:       "Steven M. Christey" <coley () linus ! mitre ! org>
Date:       2009-03-18 0:37:50
Message-ID: Pine.GSO.4.51.0903172037360.17171 () faron ! mitre ! org
[Download RAW message or body]


======================================================
Name: CVE-2009-0936
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0936
Reference: MLIST:[or-announce] 20090209 Tor 0.2.0.34 is released (security fixes)
Reference: URL:http://archives.seul.org/or/announce/Feb-2009/msg00000.html
Reference: SECUNIA:33880
Reference: URL:http://secunia.com/advisories/33880

Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to
cause a denial of service (infinite loop) via "corrupt votes."


======================================================
Name: CVE-2009-0937
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0937
Reference: MLIST:[or-announce] 20090209 Tor 0.2.0.34 is released (security fixes)
Reference: URL:http://archives.seul.org/or/announce/Feb-2009/msg00000.html
Reference: SECUNIA:33880
Reference: URL:http://secunia.com/advisories/33880

Unspecified vulnerability in Tor before 0.2.0.34 allows directory
mirrors to cause a denial of service via unknown vectors.


======================================================
Name: CVE-2009-0938
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0938
Reference: MLIST:[or-announce] 20090209 Tor 0.2.0.34 is released (security fixes)
Reference: URL:http://archives.seul.org/or/announce/Feb-2009/msg00000.html
Reference: SECUNIA:33880
Reference: URL:http://secunia.com/advisories/33880

Unspecified vulnerability in Tor before 0.2.0.34 allows directory
mirrors to cause a denial of service (exit node crash) via "malformed
input."


======================================================
Name: CVE-2009-0939
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0939
Reference: MLIST:[or-announce] 20090209 Tor 0.2.0.34 is released (security fixes)
Reference: URL:http://archives.seul.org/or/announce/Feb-2009/msg00000.html
Reference: SECUNIA:33880
Reference: URL:http://secunia.com/advisories/33880

Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which
has unknown impact and attack vectors related to "Spec conformance,"
as demonstrated using 192.168.0.


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic