Vulnerabilities > CVE-2006-3411 - Unspecified vulnerability in TOR
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote attackers to conduct brute force attacks on the encryption keys.
Vulnerable Configurations
References
- http://secunia.com/advisories/20514
- http://secunia.com/advisories/20514
- http://security.gentoo.org/glsa/glsa-200606-04.xml
- http://security.gentoo.org/glsa/glsa-200606-04.xml
- http://tor.eff.org/cvs/tor/ChangeLog
- http://tor.eff.org/cvs/tor/ChangeLog
- http://www.osvdb.org/25876
- http://www.osvdb.org/25876