Vulnerabilities > CVE-2009-0414 - Resource Management Errors vulnerability in TOR

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
tor
CWE-399
critical
nessus

Summary

Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors that trigger heap corruption.

Vulnerable Configurations

Part Description Count
Application
Tor
160

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200904-11.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200904-11 (Tor: Multiple vulnerabilities) Theo de Raadt reported that the application does not properly drop privileges to the primary groups of the user specified via the
    last seen2020-06-01
    modified2020-06-02
    plugin id36139
    published2009-04-11
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/36139
    titleGLSA-200904-11 : Tor: Multiple vulnerabilities
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_100A9ED2EE5611DDAB4F0030843D3802.NASL
    descriptionSecunia reports : A vulnerability with an unknown impact has been reported in Tor. The vulnerability is caused due to an unspecified error and can be exploited to trigger a heap corruption. No further information is currently available.
    last seen2020-06-01
    modified2020-06-02
    plugin id35562
    published2009-02-01
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/35562
    titleFreeBSD : tor -- unspecified memory corruption vulnerability (100a9ed2-ee56-11dd-ab4f-0030843d3802)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2009-0897.NASL
    descriptionNew upstream release 0.2.0.33, with lots of bug fixes and one security fix: https://blog.torproject.org/blog/tor-0.2.0.33-stable-released Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id35457
    published2009-01-26
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/35457
    titleFedora 9 : tor-0.2.0.33-1.fc9 (2009-0897)