CVE-2007-4098 - OpenCVE

Tor before 0.1.2.15 does not properly distinguish "streamids from different exits," which might allow remote attackers with control over Tor routers to inject cells into arbitrary streams.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Tor	Tor

Configuration 1 [-]

OR	cpe:2.3:a:tor:tor:0.1.0.10:::::::*
	cpe:2.3:a:tor:tor:0.1.0.11:::::::*
	cpe:2.3:a:tor:tor:0.1.0.12:::::::*
	cpe:2.3:a:tor:tor:0.1.0.13:::::::*
	cpe:2.3:a:tor:tor:0.1.0.14:::::::*
	cpe:2.3:a:tor:tor:0.1.0.18:::::::*
	cpe:2.3:a:tor:tor:0.1.1.1_alpha:::::::*
	cpe:2.3:a:tor:tor:0.1.1.2_alpha:::::::*
	cpe:2.3:a:tor:tor:0.1.1.3_alpha:::::::*
	cpe:2.3:a:tor:tor:0.1.1.4_alpha:::::::*
	cpe:2.3:a:tor:tor:0.1.1.5_alpha:::::::*
	cpe:2.3:a:tor:tor:0.1.1.20:::::::*
	cpe:2.3:a:tor:tor:0.1.1.23:::::::*
	cpe:2.3:a:tor:tor:0.1.2.1_alpha-cvs:::::::*
	cpe:2.3:a:tor:tor:0.1.2.14:::::::*

References

Link	Resource
http://archives.seul.org/or/announce/Jul-2007/msg00000.html	Patch
http://osvdb.org/46970
http://secunia.com/advisories/26140	Patch Vendor Advisory
http://www.securityfocus.com/bid/25035	Patch
http://www.vupen.com/english/advisories/2007/2634

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-07-30T21:00:00

Updated: 2008-11-15T10:00:00

Reserved: 2007-07-30T00:00:00

Link: CVE-2007-4098

JSON object: View

NVD Information

Status : Modified

Published: 2007-07-30T21:17:00.000

Modified: 2011-03-08T02:57:48.250

Link: CVE-2007-4098

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-07-23T00:00:00", "descriptions": [{"lang": "en", "value": "Tor before 0.1.2.15 does not properly distinguish \"streamids from different exits,\" which might allow remote attackers with control over Tor routers to inject cells into arbitrary streams."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2008-11-15T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "25035", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25035"}, {"name": "26140", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26140"}, {"name": "46970", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/46970"}, {"name": "ADV-2007-2634", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2634"}, {"name": "[or-announce] 20070723 Tor 0.1.2.15 is released", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://archives.seul.org/or/announce/Jul-2007/msg00000.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-4098", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Tor before 0.1.2.15 does not properly distinguish \"streamids from different exits,\" which might allow remote attackers with control over Tor routers to inject cells into arbitrary streams."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "25035", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25035"}, {"name": "26140", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26140"}, {"name": "46970", "refsource": "OSVDB", "url": "http://osvdb.org/46970"}, {"name": "ADV-2007-2634", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2634"}, {"name": "[or-announce] 20070723 Tor 0.1.2.15 is released", "refsource": "MLIST", "url": "http://archives.seul.org/or/announce/Jul-2007/msg00000.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4098", "datePublished": "2007-07-30T21:00:00", "dateReserved": "2007-07-30T00:00:00", "dateUpdated": "2008-11-15T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tor:tor:0.1.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "C04309D4-FEA8-47EA-BB9A-8CBD341B475F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "8607F3C9-F185-4B87-8A1B-B9495A4F244D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "525A0E09-D4CF-42AA-8EB2-47E0E6CBA179", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "667201BB-5FDA-4E51-B865-0AF8507DBCDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "C1BA7280-1DF3-4A98-AFD2-C67406A32EA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "D4E6BA17-6AE9-45ED-A8C3-F79463F427BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.1_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "811CE708-CEE6-4B0F-98E5-E138C06EA382", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.2_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "6860F802-FEC2-449A-A5FC-AFACCA8633CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.3_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "A4CA23F0-7C49-430E-AD20-7C7BDCC1EEC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.4_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "D4D9E677-01D2-4800-82AA-F5585475D500", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.5_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "9C589D4F-60B3-450B-860A-9975BB47BBE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "342D2B8A-A832-4CAB-9389-93764B0DE241", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "4F0A70AA-931A-4906-B4AD-D56E90683716", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.2.1_alpha-cvs:*:*:*:*:*:*:*", "matchCriteriaId": "197BFA5D-8C65-4F59-B4A0-B6AB7B11EC07", "vulnerable": true}, {"criteria": "cpe:2.3:a:tor:tor:0.1.2.14:*:*:*:*:*:*:*", "matchCriteriaId": "EFC7477A-5DDA-42A6-828E-A818CCF208B7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Tor before 0.1.2.15 does not properly distinguish \"streamids from different exits,\" which might allow remote attackers with control over Tor routers to inject cells into arbitrary streams."}, {"lang": "es", "value": "Tor anterior a 0.1.2.15 no distingue de forma adecuada \"identificadores de tr\u00e1fico de diversas salidas,\" lo cual podr\u00eda permitir a atacantes remotos con control sobre los routers Tor inyectar celdas dentro de tr\u00e1fico de su elecci\u00f3n."}], "id": "CVE-2007-4098", "lastModified": "2011-03-08T02:57:48.250", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-07-30T21:17:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://archives.seul.org/or/announce/Jul-2007/msg00000.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/46970"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/26140"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/25035"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/2634"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}