Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tor 拒绝服务漏洞
Vulnerability Description
Tor(The Onion Router)是第二代洋葱路由(onion routing)的一种实现,主要用于匿名访问互联网。 Tor 0.2.2.38之前版本中的routerparse.c中的‘networkstatus_parse_vote_from_string’函数中存在漏洞,该漏洞源于未正确处理无效的‘flavor’名。远程攻击者可利用该漏洞通过特制的(1)vote文档或(2)consensus文档导致拒绝服务(越界读取和守护进程崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A