{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-07-30T00:00:00", "descriptions": [{"lang": "en", "value": "Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit after an inbound RELAY_EARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAY_EARLY cells as a means of communicating information about hidden service names."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-01-04T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "60084", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60084"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://trac.torproject.org/projects/tor/ticket/1038"}, {"name": "60647", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60647"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack"}, {"name": "[tor-talk] 20140730 Tor 0.2.5.6-alpha is out", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.torproject.org/pipermail/tor-talk/2014-July/034180.html"}, {"name": "[tor-announce] 20140730 Tor security advisory: \"relay early\" traffic confirmation attack", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.torproject.org/pipermail/tor-announce/2014-July/000094.html"}, {"name": "[tor-announce] 20140730 Tor 0.2.4.23 is released", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.torproject.org/pipermail/tor-announce/2014-July/000093.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-5117", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit after an inbound RELAY_EARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAY_EARLY cells as a means of communicating information about hidden service names."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "60084", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60084"}, {"name": "https://trac.torproject.org/projects/tor/ticket/1038", "refsource": "CONFIRM", "url": "https://trac.torproject.org/projects/tor/ticket/1038"}, {"name": "60647", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60647"}, {"name": "https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack", "refsource": "CONFIRM", "url": "https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack"}, {"name": "[tor-talk] 20140730 Tor 0.2.5.6-alpha is out", "refsource": "MLIST", "url": "https://lists.torproject.org/pipermail/tor-talk/2014-July/034180.html"}, {"name": "[tor-announce] 20140730 Tor security advisory: \"relay early\" traffic confirmation attack", "refsource": "MLIST", "url": "https://lists.torproject.org/pipermail/tor-announce/2014-July/000094.html"}, {"name": "[tor-announce] 20140730 Tor 0.2.4.23 is released", "refsource": "MLIST", "url": "https://lists.torproject.org/pipermail/tor-announce/2014-July/000093.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T11:34:37.419Z"}, "title": "CVE Program Container", "references": [{"name": "60084", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60084"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://trac.torproject.org/projects/tor/ticket/1038"}, {"name": "60647", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60647"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack"}, {"name": "[tor-talk] 20140730 Tor 0.2.5.6-alpha is out", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.torproject.org/pipermail/tor-talk/2014-July/034180.html"}, {"name": "[tor-announce] 20140730 Tor security advisory: \"relay early\" traffic confirmation attack", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.torproject.org/pipermail/tor-announce/2014-July/000094.html"}, {"name": "[tor-announce] 20140730 Tor 0.2.4.23 is released", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.torproject.org/pipermail/tor-announce/2014-July/000093.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-5117", "datePublished": "2014-07-30T16:00:00", "dateReserved": "2014-07-30T00:00:00", "dateUpdated": "2024-08-06T11:34:37.419Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:torproject:tor:*:alpha:*:*:*:*:*:*", "matchCriteriaId": "935A56A2-DF93-488D-8096-230A01E446B7", "versionEndIncluding": "0.2.4.22", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "42286A56-BB47-4A3E-B092-1057311D4960", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre13:*:*:*:*:*:*", "matchCriteriaId": "47511223-D650-4207-9856-DE025823231A", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre14:*:*:*:*:*:*", "matchCriteriaId": "0AD6C8F2-3050-453B-8942-A1916E3FC12B", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre15:*:*:*:*:*:*", "matchCriteriaId": "B34E2465-7E2D-40FA-B8F7-33B057C459CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre16:*:*:*:*:*:*", "matchCriteriaId": "CB68EBE3-3517-4D04-8F40-7DE3A21BE9D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre17:*:*:*:*:*:*", "matchCriteriaId": "A4C33393-220A-46D7-8C9F-67E5623A5F12", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre18:*:*:*:*:*:*", "matchCriteriaId": "5519509B-B07D-4514-A404-D812DBF3239D", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre19:*:*:*:*:*:*", "matchCriteriaId": "D65FBECD-2EA2-4779-9198-B3CA4B67A49B", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre20:*:*:*:*:*:*", "matchCriteriaId": "CF20BBD0-CA62-4FB2-B46D-F9BBFEF452F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre21:*:*:*:*:*:*", "matchCriteriaId": "F2317720-AC9D-4BA5-A334-34FA389AA097", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre22:*:*:*:*:*:*", "matchCriteriaId": "136DB452-2322-4FC5-A195-04E561D1D49F", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre23:*:*:*:*:*:*", "matchCriteriaId": "3D483797-8490-4625-8AF0-E6FF3C02CD72", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre24:*:*:*:*:*:*", "matchCriteriaId": "2341BDA5-859F-4BF4-A009-2DEB7902108B", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre25:*:*:*:*:*:*", "matchCriteriaId": "61C72051-52C5-43EC-88BD-C9E112C08827", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre26:*:*:*:*:*:*", "matchCriteriaId": "8699607B-7F86-4167-8CE8-699FE8F43D21", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre27:*:*:*:*:*:*", "matchCriteriaId": "68ADC617-824D-4D1C-BDF8-4EB19D5656B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D04E67E7-93DD-4E8F-B88C-9C8C0721CDAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "6D858688-5063-4D39-BF58-189333D71785", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "6978370D-97D0-4C26-B050-8B2045404D03", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "0A1F71E8-D642-4F22-B377-34F011BF9160", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "EA9ACB8B-8185-4581-ABE4-0D8CE3A28BE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B37E9B4D-E5C4-44AB-834D-8B37F3029001", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "CB3E5A9D-4CA3-43D5-AF13-375B23891B51", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "B5561A8E-CF13-4243-975F-3E754494C4A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "1F6AD9BE-352A-4ED2-97DA-4D4948F87B27", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "3234D4EE-1B3F-4835-A387-F41D76178254", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "56068ADD-8079-497B-B031-1094F1DC15B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "206353C7-8644-4F44-96CD-1FBEB39F2771", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1C578AB-95AD-4160-9319-16A1497D528C", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "80CD91D9-CC8B-44AE-8FF9-056733B36E11", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "0CD8CC62-0C9F-47C8-B686-B376F2261ECF", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "F74DBE38-B5F0-4FFC-9F98-7A55326A23EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "439B85D4-9DC8-447D-ACC8-EB12C43B4F3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "85A83136-AF8F-46FE-848C-37B26EDBD1ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "7BDE9034-B5AF-403A-8220-715347F44519", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "379069A5-CEAC-42E0-B905-39F0AF29C954", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.10:*:*:*:*:*:*:*", "matchCriteriaId": "13A4435E-23A6-45F3-94B1-75219555DEDB", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "CF0E2924-3559-419C-A033-391549D5E7E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "53E280D9-3371-4106-A0AA-ECE3AD2753F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "9B608EB4-FC95-48CC-A90C-D079B2446F6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "E04B4802-C2FC-45FF-9C27-0B8E6DF8F1C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "DC41D6A9-B645-427F-B141-9A3ACC755FE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "7A28BAE2-8F08-4002-A700-AAC581CED48B", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "7BD06667-698A-4F64-9431-727FC905C6C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "6BB82CEC-AAE1-4393-B307-860AFB65C277", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "0BDFC6E1-F7EB-4033-BB4B-58A9182694B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "45284729-472F-48FD-AC9F-707A3174ADD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "5B266267-98D0-4245-B455-08B2B9B69DA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "CB3CD2DF-9659-4C0A-A046-9AC6E566A558", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.1.24:*:*:*:*:*:*:*", "matchCriteriaId": "38A24E38-F136-41EA-A8EB-CD279EC9DE54", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.1.25:*:*:*:*:*:*:*", "matchCriteriaId": "FDF29849-516A-4731-B6ED-767B09024232", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.1.26:*:*:*:*:*:*:*", "matchCriteriaId": "AA26D387-0326-4CD5-98B0-F67D5621D2A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.2.13:*:*:*:*:*:*:*", "matchCriteriaId": "F05957B6-A8DF-4A04-8553-232101DEC9FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.2.14:*:*:*:*:*:*:*", "matchCriteriaId": "DC17296B-23A2-427B-8D41-4BED6E22DA60", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.2.15:*:*:*:*:*:*:*", "matchCriteriaId": "79B573F9-9966-4D61-802A-BBE3778FD3C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.2.16:*:*:*:*:*:*:*", "matchCriteriaId": "F5D625E1-0DA6-483E-A251-E161E6108225", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.2.17:*:*:*:*:*:*:*", "matchCriteriaId": "6D07F398-828C-4008-BC3E-3E511339B437", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.2.18:*:*:*:*:*:*:*", "matchCriteriaId": "6FB18F2C-1E37-48FA-9DAE-C20B9B7B80E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.2.19:*:*:*:*:*:*:*", "matchCriteriaId": "39D81D6F-372A-41AE-B42D-2BB1C4D4AB4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.0.30:*:*:*:*:*:*:*", "matchCriteriaId": "52D2C091-8D45-4AC7-93FD-BAD81F2D6D63", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.0.31:*:*:*:*:*:*:*", "matchCriteriaId": "3283E8DB-8238-4796-9CEB-207C6BF1E797", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.0.32:*:*:*:*:*:*:*", "matchCriteriaId": "9737DA01-3E58-4229-AB03-16646F703F83", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.0.33:*:*:*:*:*:*:*", "matchCriteriaId": "D6B2D6EF-7451-4A78-87D0-9339F3E2AB2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "D7ECB794-8331-48E7-BCD2-B9822F9C114A", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.0.35:*:*:*:*:*:*:*", "matchCriteriaId": "1F293F19-E2AA-4133-B4D0-C5E1B2AF9CD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.18:*:*:*:*:*:*:*", "matchCriteriaId": "10344C2C-3137-4D2F-99A7-7802B80DE126", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.19:*:*:*:*:*:*:*", "matchCriteriaId": "C0182C38-23CC-4E54-8C3F-6AA4A3B863DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.20:*:*:*:*:*:*:*", "matchCriteriaId": "7B75EC06-BF76-4CA0-B604-6324AC6FC240", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.21:*:*:*:*:*:*:*", "matchCriteriaId": "16C53110-3FDC-4F28-9C4D-D08E14C6DB8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.22:*:*:*:*:*:*:*", "matchCriteriaId": "729E4E08-2556-4A29-829D-318719EE734B", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.23:*:*:*:*:*:*:*", "matchCriteriaId": "8B138D53-A28F-43CC-91F1-6B073A2F10F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.24:*:*:*:*:*:*:*", "matchCriteriaId": "7B20CCDC-94FF-4BDA-9111-E47AA8D475BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.25:*:*:*:*:*:*:*", "matchCriteriaId": "BB96E018-34C5-4462-B89C-55C42C8384D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.26:*:*:*:*:*:*:*", "matchCriteriaId": "BE594F43-0630-4937-A7AB-F8F9590A4167", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.27:*:*:*:*:*:*:*", "matchCriteriaId": "66A60CAC-A278-4AA2-A89A-E00E3D3B4127", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.28:*:*:*:*:*:*:*", "matchCriteriaId": "787E7A32-2CC4-43C1-8324-66772736F4D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.29:*:*:*:*:*:*:*", "matchCriteriaId": "36A36AAD-FB31-4793-A64B-1FAD90654687", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.30:*:*:*:*:*:*:*", "matchCriteriaId": "B5D9043C-E793-4505-9499-03B36D1F1545", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.31:*:*:*:*:*:*:*", "matchCriteriaId": "C0964E57-978F-445F-BBB1-817DBA1E8517", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.32:*:*:*:*:*:*:*", "matchCriteriaId": "933AC26E-E1CD-4B5B-B15A-31796B4B843F", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.33:*:*:*:*:*:*:*", "matchCriteriaId": "930D1039-AE12-41DE-BF9E-5BCB3FF396E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.34:*:*:*:*:*:*:*", "matchCriteriaId": "5ABBC508-673E-405E-8760-EA156C3A1B84", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.35:*:*:*:*:*:*:*", "matchCriteriaId": "93DBADBE-A941-4253-A509-9484BAF0FB7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.36:*:*:*:*:*:*:*", "matchCriteriaId": "60D4C951-CA2B-44F5-97C7-C1BE4B27B0C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.37:*:*:*:*:*:*:*", "matchCriteriaId": "146CEE2D-5FD6-4F2F-95E2-AB9D982C1D34", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.38:*:*:*:*:*:*:*", "matchCriteriaId": "70EB1D7F-0E37-43B4-86CB-3E3D91056974", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "A308F86E-B64B-40CA-A880-827F5FDCFCC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.13:alpha:*:*:*:*:*:*", "matchCriteriaId": "888C8557-D3B3-43C9-9602-AA707EA20D53", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.14:alpha:*:*:*:*:*:*", "matchCriteriaId": "1A50B658-1049-4467-B95E-2F697F2DD8B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.15:alpha:*:*:*:*:*:*", "matchCriteriaId": "D60AE56E-EE6D-4992-BD5B-5E32F5DDB385", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.16:alpha:*:*:*:*:*:*", "matchCriteriaId": "695A8085-2198-4DB7-BA5B-734063FB74D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.17:beta:*:*:*:*:*:*", "matchCriteriaId": "35936C42-AAA8-40FC-803D-2F56D8B881BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.18:rc:*:*:*:*:*:*", "matchCriteriaId": "EB448439-B7C3-441F-8923-AC125324A517", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.19:rc:*:*:*:*:*:*", "matchCriteriaId": "9F471155-F0ED-4F73-A04C-EF39DFC9F666", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.20:rc:*:*:*:*:*:*", "matchCriteriaId": "D93C514A-0BCB-4BDD-84C2-6C78D346FC13", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.21:rc:*:*:*:*:*:*", "matchCriteriaId": "5F4A9816-F5D0-42DA-9ADB-F0D2B4A08A74", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.22:rc:*:*:*:*:*:*", "matchCriteriaId": "6B44CB99-1F06-4042-A8AA-AB520DE38511", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.23:rc:*:*:*:*:*:*", "matchCriteriaId": "DBEFA4D9-67B6-474C-B92D-0BB970FE78C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.24:rc:*:*:*:*:*:*", "matchCriteriaId": "52BAD857-DA86-4BB0-88AA-63C611E87BAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "0CDF07FC-69FD-439D-807F-01B70803C6C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.2:alpha:*:*:*:*:*:*", "matchCriteriaId": "A8433119-07E6-47BD-B8E6-4E0BBB694811", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.3:alpha:*:*:*:*:*:*", "matchCriteriaId": "B5EAA2B8-1923-4BB3-A685-E7B6275E9FD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "2A03FBE6-EC3D-4D24-9447-B75CE67F2737", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.5:alpha:*:*:*:*:*:*", "matchCriteriaId": "40221BB3-73E6-4E7D-8994-BFCC8C8C0EDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.6:alpha:*:*:*:*:*:*", "matchCriteriaId": "3A1BFADB-776C-4522-9747-2BB094A5091F", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.7:alpha:*:*:*:*:*:*", "matchCriteriaId": "CCE1D379-5374-4158-8310-96F2CA67ED61", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.8:alpha:*:*:*:*:*:*", "matchCriteriaId": "160AC840-E501-4DE4-AF63-E5F987219F6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.9:alpha:*:*:*:*:*:*", "matchCriteriaId": "CA548CBD-31C5-4261-91A5-0D1314B827F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.10:alpha:*:*:*:*:*:*", "matchCriteriaId": "D3421BEF-A468-4947-8EA7-02BF500D511C", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.11:alpha:*:*:*:*:*:*", "matchCriteriaId": "15D0BE3B-F4A4-4E18-9D83-487AFB366BBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.12:alpha:*:*:*:*:*:*", "matchCriteriaId": "A3DDD7F0-D041-40FF-919A-2C905A7E2238", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.13:alpha:*:*:*:*:*:*", "matchCriteriaId": "088D58DE-5C4D-4E0C-8CF4-3A2109D3F4A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.14:alpha:*:*:*:*:*:*", "matchCriteriaId": "082F51D5-5890-45A9-8EDA-0E0215C0EAEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.15:rc:*:*:*:*:*:*", "matchCriteriaId": "72C8D3FA-8B99-4A4D-BC62-FD50EF77CEC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.16:rc:*:*:*:*:*:*", "matchCriteriaId": "FDFF7FEE-4B36-4B86-8BC2-64C9009B3D80", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.17:rc:*:*:*:*:*:*", "matchCriteriaId": "D5A18B95-0EEB-403C-A9C1-E559DBC64E2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.18:rc:*:*:*:*:*:*", "matchCriteriaId": "FCFFA8A6-6D1A-4CFF-95A8-5FF2BE6287C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.19:*:*:*:*:*:*:*", "matchCriteriaId": "0836F444-5C80-436F-BD3C-ECBB53A24DA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.4.20:*:*:*:*:*:*:*", "matchCriteriaId": "8B67CD90-35C0-412A-A1F9-B159697E9B7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.5.2:alpha:*:*:*:*:*:*", "matchCriteriaId": "86E9B839-B753-41A3-A127-17CC928A6B9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.5.3:alpha:*:*:*:*:*:*", "matchCriteriaId": "B6BCD4D1-7B94-44E3-B87F-F7BD0F636745", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.5.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "2E71D935-2A57-440D-A3A3-E91A2C0D4104", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.5.5:alpha:*:*:*:*:*:*", "matchCriteriaId": "9BCA77D5-38BE-4161-AC32-4099C54F2252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit after an inbound RELAY_EARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAY_EARLY cells as a means of communicating information about hidden service names."}, {"lang": "es", "value": "Tor anterior a 0.2.4.23 y 0.2.5 anterior a 0.2.5.6-alpha mantiene un circuito despu\u00e9s de que un cliente reciba una c\u00e9lula RELAY_EARLY entrante, lo que facilita a atacantes remotos realizar ataques de confirmaci\u00f3n de trafico mediante el uso de la pauta de c\u00e9lulas RELAY y RELAY_EARLY como la manera de comunicar informaci\u00f3n a cerca de nombres escondidos de servicios."}], "id": "CVE-2014-5117", "lastModified": "2024-11-21T02:11:27.443", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-07-30T16:55:07.073", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/60084"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/60647"}, {"source": "cve@mitre.org", "url": "https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack"}, {"source": "cve@mitre.org", "url": "https://lists.torproject.org/pipermail/tor-announce/2014-July/000093.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://lists.torproject.org/pipermail/tor-announce/2014-July/000094.html"}, {"source": "cve@mitre.org", "url": "https://lists.torproject.org/pipermail/tor-talk/2014-July/034180.html"}, {"source": "cve@mitre.org", "url": "https://trac.torproject.org/projects/tor/ticket/1038"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/60084"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/60647"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.torproject.org/pipermail/tor-announce/2014-July/000093.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://lists.torproject.org/pipermail/tor-announce/2014-July/000094.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.torproject.org/pipermail/tor-talk/2014-July/034180.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://trac.torproject.org/projects/tor/ticket/1038"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}