CVE-2007-3165

Tor before 0.1.2.14 can construct circuits in which an entry guard is in the same family as the exit node, which might compromise the anonymity of traffic sources and destinations by exposing traffic to inappropriate remote observers.

Link	Resource
http://archives.seul.org/or/announce/May-2007/msg00000.html
http://www.securityfocus.com/bid/24180	Patch
http://secunia.com/advisories/25415	Patch Vendor Advisory
http://osvdb.org/35670
http://www.vupen.com/english/advisories/2007/1964

Configuration 1

cpe:2.3:a:tor:tor:0.1.1.1_alpha:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.1.2.1_alpha-cvs:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.1.1.23:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.0.9.8:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.0.9.10:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.0.9.2:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.1.0.10:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.0.9:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.0.9.5:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.1.0.12:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.0.9.3:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.0.9.9:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.1.1.3_alpha:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.1.0.13:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.1.0.14:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.0.9.4:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.1.1.4_alpha:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.1.1.2_alpha:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.0.9.1:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.0.9.7:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.1.1.20:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.0.9.6:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.1.1.5_alpha:*:*:*:*:*:*:* cpe:2.3:a:tor:tor:0.1.0.11:*:*:*:*:*:*:*

---

Published : 2007-06-11 10:30

Updated : 2011-03-08 02:55

---

NVD link : CVE-2007-3165

Mitre link : CVE-2007-3165

No products.

NVD-CWE-Other