CVE-2006-4508 Affecting tor package, versions <0.1.1.23-1
Threat Intelligence
EPSS
1.61% (88th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIAN10-TOR-371045
- published 31 Aug 2006
- disclosed 31 Aug 2006
Introduced: 31 Aug 2006
CVE-2006-4508 Open this link in a new tabHow to fix?
Upgrade Debian:10 tor to version 0.1.1.23-1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream tor package and not the tor package as distributed by Debian.
See How to fix? for Debian:10 relevant fixed versions and status.
Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and 0.1.1.x before 0.1.1.23, and (2) ScatterChat before 1.0.2, allows remote attackers operating a Tor entry node to route arbitrary Tor traffic through clients or cause a denial of service (flood) via unspecified vectors.
References
- https://security-tracker.debian.org/tracker/CVE-2006-4508
- http://archives.seul.org/or/announce/Aug-2006/msg00001.html
- http://www.scatterchat.com/advisories/2006-02_tech.html
- http://secunia.com/advisories/21708
- http://secunia.com/advisories/21725
- http://www.securityfocus.com/bid/19785
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28686
CVSS Scores
version 3.1