← back
CVE-2010-0383

CVE-2010-0383

EPSS 1.7%
Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated identity keys for certain directory authorities, which makes it easier for man-in-the-middle attackers to compromise the anonymity of traffic sources and destinations.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.seul.org/or/announce/Jan-2010/msg00000.htmlhttp://archives.seul.org/or/talk/Jan-2010/msg00161.htmlhttp://archives.seul.org/or/talk/Jan-2010/msg00162.htmlhttp://archives.seul.org/or/talk/Jan-2010/msg00165.htmlhttp://osvdb.org/61977http://secunia.com/advisories/38198http://www.securityfocus.com/bid/37901