CVE-2010-0384

Published Jan 25, 2010

Last updated 14 years ago

Overview

Description: Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging of the client IP address upon detection of erroneous client behavior, which might make it easier for local users to discover the identities of clients in opportunistic circumstances by reading log files.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:tor:tor:0.2.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "155BFC2E-F388-4AD7-A5BC-3531FC81948F"
          },
          {
            "criteria": "cpe:2.3:a:tor:tor:0.2.2.1:alpha:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF240A26-E071-4C64-B0E7-6E5F7D9BD964"
          },
          {
            "criteria": "cpe:2.3:a:tor:tor:0.2.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C1908AB-04C3-4F96-B681-9B661C122063"
          },
          {
            "criteria": "cpe:2.3:a:tor:tor:0.2.2.2:alpha:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF856938-A172-4BA9-86BF-7C7F3F8E382C"
          },
          {
            "criteria": "cpe:2.3:a:tor:tor:0.2.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0FFFC75-CECB-4609-B5C2-153192FE9399"
          },
          {
            "criteria": "cpe:2.3:a:tor:tor:0.2.2.3:alpha:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5ECBB2B5-5F2A-4A89-9A72-DB47B5331AB5"
          },
          {
            "criteria": "cpe:2.3:a:tor:tor:0.2.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8B64406-ECC9-445A-9550-E1B8124BF85E"
          },
          {
            "criteria": "cpe:2.3:a:tor:tor:0.2.2.4:alpha:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7A37134-5162-4E48-BE5C-93807F4CD055"
          },
          {
            "criteria": "cpe:2.3:a:tor:tor:0.2.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C7F42FD-A98D-40F9-AE5D-CA5DE2FB575B"
          },
          {
            "criteria": "cpe:2.3:a:tor:tor:0.2.2.5:alpha:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CECAD72-6E99-400D-82A8-3792E88C65F5"
          },
          {
            "criteria": "cpe:2.3:a:tor:tor:0.2.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47FD7FC5-30C3-48D7-8A95-7F923EA25457"
          },
          {
            "criteria": "cpe:2.3:a:tor:tor:0.2.2.6:alpha:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38665A22-85F6-4F7E-A73B-CBB82828F63D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References