Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had selected.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tor 权限许可和访问控制问题漏洞
Vulnerability Description
Tor是一个虚拟隧道网络。允许个人和团体提高他们在 Internet 上的隐私和安全性。 Tor 0.2.2.34 之前存在权限许可和访问控制问题漏洞,当配置为客户端或桥接器时,将 TLS 证书链作为传出 OR 连接的一部分发送,这允许远程中继通过读取此链然后确定一组入口保护来绕过预期的匿名属性客户端或桥接器已选择。
CVSS Information
N/A
Vulnerability Type
N/A