Sign-up

ID

VAR-201402-0034


CVE

CVE-2012-2250


TITLE

Tor Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-006130

DESCRIPTION

Tor before 0.2.3.24-rc allows remote attackers to cause a denial of service (assertion failure and daemon exit) by performing link protocol negotiation incorrectly. Tor (The Onion Router) is an implementation of the second generation of onion routing, mainly used for anonymous access to the Internet. The application is prone to a remote denial-of-service vulnerability. Attackers may exploit this issue to cause an affected application to crash, resulting in a denial-of-service condition. Versions prior to Tor 0.2.4.4-alpha are vulnerable

Trust: 2.43

sources: NVD: CVE-2012-2250 // JVNDB: JVNDB-2012-006130 // CNVD: CNVD-2014-00703 // BID: 65356

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-00703

AFFECTED PRODUCTS

vendor:torprojectmodel:torscope:eqversion:0.0.2

Trust: 1.9

vendor:torprojectmodel:torscope:eqversion:0.1.1.20

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.3

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.2

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.3

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.38

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.37

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.36

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.35

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.34

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.33

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.32

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.31

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.30

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.29

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.28

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.27

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.26

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.23

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.22

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.21

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.20

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.19

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.0.30

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.2.19

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.2.18

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.2.17

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.2.16

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.2.15

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.2.14

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.2.13

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.1.26

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.1.25

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.1.24

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.1.23

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.1.22

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.1.21

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.0.17

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.0.16

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.0.15

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.0.14

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.0.13

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.0.12

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.0.11

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.0.10

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.9

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.8

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.7

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.6

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.5

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.4

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.10

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.1

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.8.1

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.7.3

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.7.2

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.7.1

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.7

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.6.2

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.6.1

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.6

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.5

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.4

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.3

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.3.19

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.0.34

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.16

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.15

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.18

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.22

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.21

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.2.18

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.0.35

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.0.33

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.17

Trust: 1.0

vendor:torprojectmodel:torscope:lteversion:0.2.3.23

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.14

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.0.31

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.2.25

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.13

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.2.24

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.20

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.0.32

Trust: 1.0

vendor:the tormodel:torscope:ltversion:0.2.3.24-rc

Trust: 0.8

vendor:torprojectmodel:tor <0.2.3.24-rcscope: - version: -

Trust: 0.6

vendor:torprojectmodel:torscope:eqversion:0.2.3.23

Trust: 0.6

vendor:torprojectmodel:torscope:eqversion:0.2.225

Trust: 0.3

vendor:torprojectmodel:torscope:eqversion:0.2.224

Trust: 0.3

vendor:torprojectmodel:torscope:eqversion:0.2.35

Trust: 0.3

vendor:torprojectmodel:torscope:eqversion:0.2.34

Trust: 0.3

vendor:torprojectmodel:torscope:eqversion:0.2.33

Trust: 0.3

vendor:torprojectmodel:torscope:eqversion:0.2.32

Trust: 0.3

vendor:torprojectmodel:torscope:eqversion:0.2.31

Trust: 0.3

vendor:torprojectmodel:torscope:eqversion:0.2.4.19

Trust: 0.3

vendor:torprojectmodel:tor rcscope:eqversion:0.2.3.23

Trust: 0.3

vendor:torprojectmodel:tor rcscope:eqversion:0.2.3.22

Trust: 0.3

vendor:torprojectmodel:tor rcscope:eqversion:0.2.3.21

Trust: 0.3

vendor:torprojectmodel:tor rcscope:eqversion:0.2.3.20

Trust: 0.3

vendor:torprojectmodel:tor rcscope:eqversion:0.2.3.19

Trust: 0.3

vendor:torprojectmodel:tor rcscope:eqversion:0.2.3.18

Trust: 0.3

vendor:torprojectmodel:tor betascope:eqversion:0.2.3.17

Trust: 0.3

vendor:torprojectmodel:tor alphascope:eqversion:0.2.3.16

Trust: 0.3

vendor:torprojectmodel:tor alphascope:eqversion:0.2.3.15

Trust: 0.3

vendor:torprojectmodel:tor alphascope:eqversion:0.2.3.14

Trust: 0.3

vendor:torprojectmodel:tor alphascope:eqversion:0.2.3.13

Trust: 0.3

vendor:torprojectmodel:tor pre27scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre26scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre25scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre24scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre23scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre22scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre21scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre20scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre19scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre18scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre17scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre16scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre15scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre14scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre13scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor alphascope:neversion:0.2.4.4

Trust: 0.3

sources: CNVD: CNVD-2014-00703 // BID: 65356 // JVNDB: JVNDB-2012-006130 // CNNVD: CNNVD-201402-016 // NVD: CVE-2012-2250

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-2250
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-2250
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2014-00703
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201402-016
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2012-2250
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-00703
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2014-00703 // JVNDB: JVNDB-2012-006130 // CNNVD: CNNVD-201402-016 // NVD: CVE-2012-2250

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2012-2250

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201402-016

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201402-016

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-006130

PATCH
title:Bug 1060768url:https://bugzilla.redhat.com/show_bug.cgi?id=1060768
Trust: 0.8
title:ChangeLogurl:https://gitweb.torproject.org/tor.git?a=blob_plain;hb=HEAD;f=ChangeLog
Trust: 0.8
title:Patch for Tor Remote Denial of Service Vulnerability (CNVD-2014-00703)url:https://www.cnvd.org.cn/patchInfo/show/43275
Trust: 0.6
title:tor-0.2.3.24-rcurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=47816
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-00703 // 
            
            
            
            JVNDB: JVNDB-2012-006130 // 
            
            
            
            CNNVD: CNNVD-201402-016

EXTERNAL IDS
db:NVDid:CVE-2012-2250
Trust: 3.3
db:BIDid:65356
Trust: 0.9
db:JVNDBid:JVNDB-2012-006130
Trust: 0.8
db:CNVDid:CNVD-2014-00703
Trust: 0.6
db:CNNVDid:CNNVD-201402-016
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-00703 // 
            
            
            
            BID: 65356 // 
            
            
            
            JVNDB: JVNDB-2012-006130 // 
            
            
            
            CNNVD: CNNVD-201402-016 // 
            
            
            
            NVD: CVE-2012-2250

REFERENCES
url:https://gitweb.torproject.org/tor.git?a=blob_plain;hb=head;f=changelog
Trust: 1.5
url:https://gitweb.torproject.org/tor.git?a=blob_plain%3bhb=head%3bf=changelog
Trust: 1.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2250
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2250
Trust: 0.8
url:http://debian.2.n7.nabble.com/bug-691499-unblock-tor-0-2-3-24-rc-1-td2788119.html
Trust: 0.8
url:https://www.torproject.org/index.html.en
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2014-00703 // 
            
            
            
            BID: 65356 // 
            
            
            
            JVNDB: JVNDB-2012-006130 // 
            
            
            
            CNNVD: CNNVD-201402-016 // 
            
            
            
            NVD: CVE-2012-2250

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 65356

SOURCES
db:CNVDid:CNVD-2014-00703
db:BIDid:65356
db:JVNDBid:JVNDB-2012-006130
db:CNNVDid:CNNVD-201402-016
db:NVDid:CVE-2012-2250

LAST UPDATE DATE
2024-08-14T13:58:02.671000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-00703date:2014-02-11T00:00:00
db:BIDid:65356date:2012-10-25T00:00:00
db:JVNDBid:JVNDB-2012-006130date:2014-02-04T00:00:00
db:CNNVDid:CNNVD-201402-016date:2014-02-08T00:00:00
db:NVDid:CVE-2012-2250date:2023-11-07T02:10:26.173

SOURCES RELEASE DATE
db:CNVDid:CNVD-2014-00703date:2014-02-11T00:00:00
db:BIDid:65356date:2012-10-25T00:00:00
db:JVNDBid:JVNDB-2012-006130date:2014-02-04T00:00:00
db:CNNVDid:CNNVD-201402-016date:2014-02-08T00:00:00
db:NVDid:CVE-2012-2250date:2014-02-03T03:55:03.660