Back to search
CVE-2014-5117
Published: Jul 30, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit after an inbound RELAY_EARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAY_EARLY cells as a means of communicating information about hidden service names.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
60084
third-party-advisory
x_refsource_SECUNIA
https://trac.torproject.org/projects/tor/ticket/1038
x_refsource_CONFIRM
60647
third-party-advisory
x_refsource_SECUNIA
[tor-talk] 20140730 Tor 0.2.5.6-alpha is out
mailing-list
x_refsource_MLIST
[tor-announce] 20140730 Tor security advisory: "relay early" traffic confirmation attack
mailing-list
x_refsource_MLIST
[tor-announce] 20140730 Tor 0.2.4.23 is released
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now