Vulnerabilities > Debian > TOR > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-07-23 CVE-2017-11565 Unspecified vulnerability in Debian TOR 0.2.9.111
debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was designed to execute aa-exec from the standard system pathname if the apparmor package is installed, but implements this incorrectly (with a wrong assumption that the specific pathname would remain the same forever), which allows attackers to bypass intended AppArmor restrictions by leveraging the silent loss of this protection mechanism.
network
low complexity
debian
5.0