Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 5.1
CVE Id: CVE-2009-0654
Last Modified: 25 Feb 2009 12:00:00
Published: 20 Feb 2009 02:30:00
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE

CVE-2009-0654

Summary

Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors involving (1) replaying, (2) modifying, (3) inserting, or (4) deleting a single cell, and then observing cell recognition errors at the exit router. NOTE: the vendor disputes the significance of this issue, noting that the product's design "accepted end-to-end correlation as an attack that is too expensive to solve."

Vulnerable Systems

Application

  • Tor 0.2.0.1

  • Tor 0.2.0.10

  • Tor 0.2.0.11

  • Tor 0.2.0.12

  • Tor 0.2.0.13

  • Tor 0.2.0.14

  • Tor 0.2.0.15

  • Tor 0.2.0.16

  • Tor 0.2.0.17

  • Tor 0.2.0.18

  • Tor 0.2.0.19

  • Tor 0.2.0.2

  • Tor 0.2.0.20

  • Tor 0.2.0.21

  • Tor 0.2.0.22

  • Tor 0.2.0.23

  • Tor 0.2.0.24

  • Tor 0.2.0.25

  • Tor 0.2.0.26

  • Tor 0.2.0.27

  • Tor 0.2.0.28

  • Tor 0.2.0.29

  • Tor 0.2.0.3

  • Tor 0.2.0.30

  • Tor 0.2.0.31

  • Tor 0.2.0.32

  • Tor 0.2.0.34

  • Tor 0.2.0.4

  • Tor 0.2.0.5

  • Tor 0.2.0.6

  • Tor 0.2.0.7

  • Tor 0.2.0.8

  • Tor 0.2.0.9


References

MISC - http://www.blackhat.com/presentations/bh-dc-09/Fu/BlackHat-DC-09-Fu-Break-Tors-Anonymity.pdf

MISC - http://www.blackhat.com/html/bh-dc-09/bh-dc-09-archives.html#Fu

MISC - http://blog.torproject.org/blog/one-cell-enough


Last Updated: 27 May 2016 10:50:20