CVE-2011-4894 in Torinfo

Summary

Tor before 0.2.2.34, when configured as a bridge, uses direct DirPort access instead of a Tor TLS connection for a directory fetch, which makes it easier for remote attackers to enumerate bridges by observing DirPort connections.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

12/22/2011

Disclosure

12/22/2011

Moderation

VulDB entry created

Entries

VDB-59784 (1)

CPE

ready

CWE

CWE-200 (Confirmed)

CVSS

5.3

EPSS

0.00250

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-4894
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-4894
CVE Details	https://www.cvedetails.com/cve/CVE-2011-4894/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!