CVE-2007-1103
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2007-1103
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2007-1103.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2007-1103
- Published
- 2007-02-26T17:28:00Z
- Modified
- 2025-01-08T03:20:25.156755Z
- Summary
- [none]
- Details
-
Tor does not verify a node's uptime and bandwidth advertisements, which allows remote attackers who operate a low resource node to make false claims of greater resources, which places the node into use for many circuits and compromises the anonymity of traffic sources and destinations.
- References
-
- http://archives.seul.org/or/talk/Feb-2007/msg00197.html
- http://archives.seul.org/or/talk/Feb-2007/msg00200.html
- http://archives.seul.org/or/talk/Feb-2007/msg00202.html
- http://osvdb.org/45249
- http://www.cs.colorado.edu/department/publications/reports/docs/CU-CS-1025-07.pdf
- https://security-tracker.debian.org/tracker/CVE-2007-1103
Affected packages
Debian:11 / tor
Package
- Name
- tor
- Purl
- pkg:deb/debian/tor?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0.*
0.4.5.9-1
0.4.5.10-1~bpo10+1
0.4.5.10-1~deb11u1
0.4.5.10-1
0.4.5.16-1
0.4.6.2-alpha-1
0.4.6.3-rc-1
0.4.6.4-rc-1
0.4.6.6-1
0.4.6.7-1
0.4.6.8-1~bpo10+2
0.4.6.8-1~bpo11+2
0.4.6.8-1
0.4.6.9-1
0.4.6.10-1~bpo10+1
0.4.6.10-1~bpo11+1
0.4.6.10-1
0.4.7.3-alpha-1
0.4.7.4-alpha-1
0.4.7.5-alpha-1
0.4.7.6-rc-1
0.4.7.7-1~bpo10+1
0.4.7.7-1~bpo11+1
0.4.7.7-1
0.4.7.8-1~bpo10+1
0.4.7.8-1~bpo11+1
0.4.7.8-1
0.4.7.9-1
0.4.7.10-1~bpo10+1
0.4.7.10-1~bpo11+1
0.4.7.10-1
0.4.7.11-1~bpo11+1
0.4.7.11-1
0.4.7.12-1
0.4.7.13-1~bpo11+1
0.4.7.13-1
0.4.7.16-1
0.4.8.4-2
0.4.8.5-1
0.4.8.6-1
0.4.8.7-1
0.4.8.8-1
0.4.8.9-1~bpo11+1
0.4.8.9-1~bpo12+1
0.4.8.9-1
0.4.8.10-1~bpo11+1
0.4.8.10-1~bpo12+1
0.4.8.10-1
0.4.8.11-1~bpo11+1
0.4.8.11-1~bpo12+1
0.4.8.11-1
0.4.8.12-1~bpo11+1
0.4.8.12-1~bpo12+1
0.4.8.12-1
0.4.8.12-1.1
0.4.8.13-1
0.4.8.13-2~bpo12+1
0.4.8.13-2
Debian:12 / tor
Package
- Name
- tor
- Purl
- pkg:deb/debian/tor?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0.*
0.4.7.13-1
0.4.7.16-1
0.4.8.4-2
0.4.8.5-1
0.4.8.6-1
0.4.8.7-1
0.4.8.8-1
0.4.8.9-1~bpo11+1
0.4.8.9-1~bpo12+1
0.4.8.9-1
0.4.8.10-1~bpo11+1
0.4.8.10-1~bpo12+1
0.4.8.10-1
0.4.8.11-1~bpo11+1
0.4.8.11-1~bpo12+1
0.4.8.11-1
0.4.8.12-1~bpo11+1
0.4.8.12-1~bpo12+1
0.4.8.12-1
0.4.8.12-1.1
0.4.8.13-1
0.4.8.13-2~bpo12+1
0.4.8.13-2
Debian:13 / tor
Package
- Name
- tor
- Purl
- pkg:deb/debian/tor?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0.*
0.4.7.13-1
0.4.7.16-1
0.4.8.4-2
0.4.8.5-1
0.4.8.6-1
0.4.8.7-1
0.4.8.8-1
0.4.8.9-1~bpo11+1
0.4.8.9-1~bpo12+1
0.4.8.9-1
0.4.8.10-1~bpo11+1
0.4.8.10-1~bpo12+1
0.4.8.10-1
0.4.8.11-1~bpo11+1
0.4.8.11-1~bpo12+1
0.4.8.11-1
0.4.8.12-1~bpo11+1
0.4.8.12-1~bpo12+1
0.4.8.12-1
0.4.8.12-1.1
0.4.8.13-1
0.4.8.13-2~bpo12+1
0.4.8.13-2