{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_bytes) instead of cryptographically strong RAND_bytes, and seeds the entropy value at start-up with 160-bit chunks without reseeding, which makes it easier for attackers to conduct brute force guessing attacks."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2006-07-07T00:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "25880", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25880"}, {"name": "20514", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20514"}, {"name": "GLSA-200606-04", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200606-04.xml"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://tor.eff.org/cvs/tor/ChangeLog"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-3419", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_bytes) instead of cryptographically strong RAND_bytes, and seeds the entropy value at start-up with 160-bit chunks without reseeding, which makes it easier for attackers to conduct brute force guessing attacks."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "25880", "refsource": "OSVDB", "url": "http://www.osvdb.org/25880"}, {"name": "20514", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20514"}, {"name": "GLSA-200606-04", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200606-04.xml"}, {"name": "http://tor.eff.org/cvs/tor/ChangeLog", "refsource": "CONFIRM", "url": "http://tor.eff.org/cvs/tor/ChangeLog"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T18:30:33.376Z"}, "title": "CVE Program Container", "references": [{"name": "25880", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25880"}, {"name": "20514", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20514"}, {"name": "GLSA-200606-04", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200606-04.xml"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://tor.eff.org/cvs/tor/ChangeLog"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-3419", "datePublished": "2006-07-07T00:00:00.000Z", "dateReserved": "2006-07-06T00:00:00.000Z", "dateUpdated": "2024-09-17T00:51:25.809Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tor:tor:0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "FD529C5A-D6E8-4FFD-B552-B91A9BD409F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.2_pre13:*:*:*:*:*:*:*", "matchCriteriaId": "4490AC9B-E8D8-4C97-866B-AB76AB2536F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.2_pre14:*:*:*:*:*:*:*", "matchCriteriaId": "0DBA48C9-C0CA-41C8-BDD3-0E69ED7AAC8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.2_pre15:*:*:*:*:*:*:*", "matchCriteriaId": "9A8970D3-4C0B-4B6F-BEB4-08FF20FAEBF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.2_pre16:*:*:*:*:*:*:*", "matchCriteriaId": "2A2A2B60-8D31-4B59-8407-9CE62709906A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.2_pre17:*:*:*:*:*:*:*", "matchCriteriaId": "CDE02B1D-AA25-4364-8E54-583A0304FA69", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.2_pre18:*:*:*:*:*:*:*", "matchCriteriaId": "DE3AB095-3F57-4922-BC12-0842FA158555", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.2_pre19:*:*:*:*:*:*:*", "matchCriteriaId": "F066E4A3-BE6F-4FF7-AE7A-C8E3A33D7197", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.2_pre20:*:*:*:*:*:*:*", "matchCriteriaId": "811FD436-8BD2-463A-8072-A915FFCA33C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.2_pre21:*:*:*:*:*:*:*", "matchCriteriaId": "83F107CD-7334-4D9D-AEFF-FA5F8DE72576", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.2_pre22:*:*:*:*:*:*:*", "matchCriteriaId": "07EB2211-D97D-47EF-94D1-01E7A3879BC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.2_pre23:*:*:*:*:*:*:*", "matchCriteriaId": "28DC8889-4E65-46D0-AA68-6390757862D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.2_pre24:*:*:*:*:*:*:*", "matchCriteriaId": "4E4C7373-82F1-49E6-90D6-7A02AC52F255", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.2_pre25:*:*:*:*:*:*:*", "matchCriteriaId": "7F3D847A-D8F1-40CE-AE33-A397654C55B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.2_pre26:*:*:*:*:*:*:*", "matchCriteriaId": "8B3A2CE6-F8DE-4B8A-BEEA-6732E4342792", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.2_pre27:*:*:*:*:*:*:*", "matchCriteriaId": "D9238A5E-28EA-405A-8CF9-7410CB2CA6EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "7301BA35-2522-4144-83C2-6A3A6D329A8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "37993416-D81F-4F6B-AB2C-16F351BE68D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "295C826F-CBEB-4BA2-A760-22D58D231BBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "D230B213-4A35-488F-A4B5-87F77BD65E5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFF88062-8726-4C1D-8F93-ABA0B1654656", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1A710565-6960-4D46-A1EB-86FE0927A66D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "81F6C954-7C0A-41E5-9719-26082E40C5E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "43784D06-2D2A-46D1-ADE2-B947B3F10F33", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "196BF37C-CD62-4D4C-A716-827B0E6A5065", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "20076B65-48E6-4DA2-BDA1-AC4F904B449D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "48A2CCAD-397B-4037-B99B-F0A622FAF8D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "50E74056-DD32-49E6-808A-5A9B755F1DC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "6E2103A8-0F3F-4226-A5D8-4BF239FD6636", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "FDA35257-80F6-4DDF-94EF-ABE1ED039ED8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "0490AB18-A839-400D-88E2-D918B1EEFA00", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "DBED980F-A8B9-4C44-957C-FD18867B1799", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "3E033E0C-C7F6-4910-A795-28BA60E9431A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "5AAAACA5-F431-4D83-B04D-EC9A81C96184", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "A1D5B46C-E7D3-495F-861C-12324F09EC9F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "639E3063-34CC-4AE2-B055-92D36ECAADF2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "C5305AF8-E26C-44A1-B546-AAC5D1C2D053", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "48DCAB29-4EF2-4A50-A941-DA5D89E27D51", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.0.9.10:*:*:*:*:*:*:*", "matchCriteriaId": "33928D26-39DF-4E15-9979-F9484913C219", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7A8F70D6-4B9C-4131-A419-4AD9325DFFC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "48B8A291-E1F7-444F-8C5B-C3C38541B3D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "24581D9F-02AF-42E6-A3D7-9CAD43E26477", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3B978E3E-69D7-46BD-BD88-1409A546FF66", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "E7FED829-128A-4F87-9838-AD0C9C11E458", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "3A39B543-5978-46FC-AF85-D635D87E3B92", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "4CE0BE0D-F509-4A91-BDD7-A0A8324498D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "803498D9-C750-4D16-8ADF-2F98E71888A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "65F6A78C-76E9-4A5F-92BD-B16D1CBE934F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "C04309D4-FEA8-47EA-BB9A-8CBD341B475F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "8607F3C9-F185-4B87-8A1B-B9495A4F244D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "525A0E09-D4CF-42AA-8EB2-47E0E6CBA179", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "667201BB-5FDA-4E51-B865-0AF8507DBCDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "C1BA7280-1DF3-4A98-AFD2-C67406A32EA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "D70542A1-34B3-4EBF-BAA7-6B009CCFD22C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "6F2DADBB-D90B-4B9D-B9DA-65AC39C61043", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "DB01B6B6-66C3-443B-BA3D-0DB17BDCC0BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "D4E6BA17-6AE9-45ED-A8C3-F79463F427BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "3C7D396C-36CA-4579-BCA0-672440CB5CCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.1_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "811CE708-CEE6-4B0F-98E5-E138C06EA382", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.2_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "6860F802-FEC2-449A-A5FC-AFACCA8633CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.3_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "A4CA23F0-7C49-430E-AD20-7C7BDCC1EEC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.4_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "D4D9E677-01D2-4800-82AA-F5585475D500", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.5_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "9C589D4F-60B3-450B-860A-9975BB47BBE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.6_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "DA331167-6A2F-402F-A28F-9EE7B6F20207", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.7_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "F42AB6B3-7BD8-4B55-B269-DCA664A25FDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.8_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "D4740B10-EFB8-4F79-88C1-9B6F5897A71C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.9_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "31CA7556-D132-4E81-8E13-C7E025AF20AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.10_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "D224FA8D-4C5A-48BE-92F2-1EC57782046D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_bytes) instead of cryptographically strong RAND_bytes, and seeds the entropy value at start-up with 160-bit chunks without reseeding, which makes it easier for attackers to conduct brute force guessing attacks."}, {"lang": "es", "value": "Tor versiones anteriores a la 0.1.1.20 utiliza bytes pseudo aleatorios OpenSSL (RAND_pseudo_bytes) en vez de RAND_bytes que son criptogr\u00e1ficamente fuertes y genera el valor de entrop\u00eda al arranque con fragmentos de 160 bits sin regeneraci\u00f3n de semillas, lo cual facilita a los atacantes llevar a cabo ataques de adivinaci\u00f3n por fuerza bruta."}], "id": "CVE-2006-3419", "lastModified": "2026-04-16T00:27:16.627", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-07-07T00:05:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/20514"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200606-04.xml"}, {"source": "cve@mitre.org", "url": "http://tor.eff.org/cvs/tor/ChangeLog"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/25880"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/20514"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200606-04.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://tor.eff.org/cvs/tor/ChangeLog"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/25880"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}