Sign-up

ID

VAR-201402-0035


CVE

CVE-2012-2249


TITLE

Tor Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-006129

DESCRIPTION

Tor before 0.2.3.23-rc allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a renegotiation attempt that occurs after the initiation of the V3 link protocol. Tor (The Onion Router) is an implementation of the second generation of onion routing, mainly used for anonymous access to the Internet. A denial of service vulnerability exists in versions prior to Tor 0.2.3.23-rc that could allow a remote attacker to compromise an affected application. The application is prone to a remote denial-of-service vulnerability. Attackers may exploit this issue to cause an affected application to crash, resulting in a denial-of-service condition. Versions prior to Tor 0.2.4.4-alpha are vulnerable

Trust: 2.43

sources: NVD: CVE-2012-2249 // JVNDB: JVNDB-2012-006129 // CNVD: CNVD-2014-00702 // BID: 65357

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-00702

AFFECTED PRODUCTS

vendor:torprojectmodel:torscope:eqversion:0.1.1.20

Trust: 1.9

vendor:torprojectmodel:torscope:eqversion:0.0.2

Trust: 1.9

vendor:torprojectmodel:torscope:eqversion:0.1.1.22

Trust: 1.9

vendor:torprojectmodel:torscope:eqversion:0.1.1.21

Trust: 1.9

vendor:torprojectmodel:torscope:eqversion:0.1.0.17

Trust: 1.9

vendor:torprojectmodel:torscope:eqversion:0.1.0.16

Trust: 1.9

vendor:torprojectmodel:torscope:eqversion:0.1.0.15

Trust: 1.9

vendor:torprojectmodel:torscope:eqversion:0.0.9.3

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.2

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.3

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.38

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.37

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.36

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.35

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.34

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.33

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.32

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.31

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.30

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.29

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.28

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.27

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.26

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.23

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.22

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.21

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.20

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.2.19

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.2.0.30

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.2.19

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.2.18

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.2.17

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.2.16

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.2.15

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.2.14

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.2.13

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.1.26

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.1.25

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.1.24

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.1.23

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.0.14

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.0.13

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.0.12

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.0.11

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.1.0.10

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.9

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.8

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.7

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.6

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.5

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.4

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.10

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.9.1

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.8.1

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.7.3

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.7.2

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.7.1

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.7

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.6.2

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.6.1

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.6

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.5

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.4

Trust: 1.3

vendor:torprojectmodel:torscope:eqversion:0.0.3

Trust: 1.3

vendor:torprojectmodel:torscope:lteversion:0.2.3.22

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.19

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.0.34

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.16

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.15

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.18

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.21

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.2.18

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.0.35

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.0.33

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.17

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.14

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.0.31

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.2.25

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.13

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.2.24

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.3.20

Trust: 1.0

vendor:torprojectmodel:torscope:eqversion:0.2.0.32

Trust: 1.0

vendor:the tormodel:torscope:ltversion:0.2.3.23-rc

Trust: 0.8

vendor:torprojectmodel:tor <0.2.3.24-rcscope: - version: -

Trust: 0.6

vendor:torprojectmodel:torscope:eqversion:0.2.225

Trust: 0.3

vendor:torprojectmodel:torscope:eqversion:0.2.224

Trust: 0.3

vendor:torprojectmodel:torscope:eqversion:0.2.35

Trust: 0.3

vendor:torprojectmodel:torscope:eqversion:0.2.34

Trust: 0.3

vendor:torprojectmodel:torscope:eqversion:0.2.33

Trust: 0.3

vendor:torprojectmodel:torscope:eqversion:0.2.32

Trust: 0.3

vendor:torprojectmodel:torscope:eqversion:0.2.31

Trust: 0.3

vendor:torprojectmodel:torscope:eqversion:0.2.4.19

Trust: 0.3

vendor:torprojectmodel:tor rcscope:eqversion:0.2.3.24

Trust: 0.3

vendor:torprojectmodel:tor rcscope:eqversion:0.2.3.23

Trust: 0.3

vendor:torprojectmodel:tor rcscope:eqversion:0.2.3.22

Trust: 0.3

vendor:torprojectmodel:tor rcscope:eqversion:0.2.3.21

Trust: 0.3

vendor:torprojectmodel:tor rcscope:eqversion:0.2.3.20

Trust: 0.3

vendor:torprojectmodel:tor rcscope:eqversion:0.2.3.19

Trust: 0.3

vendor:torprojectmodel:tor rcscope:eqversion:0.2.3.18

Trust: 0.3

vendor:torprojectmodel:tor betascope:eqversion:0.2.3.17

Trust: 0.3

vendor:torprojectmodel:tor alphascope:eqversion:0.2.3.16

Trust: 0.3

vendor:torprojectmodel:tor alphascope:eqversion:0.2.3.15

Trust: 0.3

vendor:torprojectmodel:tor alphascope:eqversion:0.2.3.14

Trust: 0.3

vendor:torprojectmodel:tor alphascope:eqversion:0.2.3.13

Trust: 0.3

vendor:torprojectmodel:tor pre27scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre26scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre25scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre24scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre23scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre22scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre21scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre20scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre19scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre18scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre17scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre16scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre15scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre14scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor pre13scope:eqversion:0.0.2

Trust: 0.3

vendor:torprojectmodel:tor alphascope:neversion:0.2.4.4

Trust: 0.3

sources: CNVD: CNVD-2014-00702 // BID: 65357 // JVNDB: JVNDB-2012-006129 // CNNVD: CNNVD-201402-015 // NVD: CVE-2012-2249

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-2249
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-2249
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2014-00702
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201402-015
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2012-2249
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-00702
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2014-00702 // JVNDB: JVNDB-2012-006129 // CNNVD: CNNVD-201402-015 // NVD: CVE-2012-2249

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2012-2249

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201402-015

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201402-015

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-006129

PATCH
title:Bug 1060758url:https://bugzilla.redhat.com/show_bug.cgi?id=1060758
Trust: 0.8
title:ChangeLogurl:https://gitweb.torproject.org/tor.git?a=blob_plain;hb=HEAD;f=ChangeLog
Trust: 0.8
title:Patch for Tor Remote Denial of Service Vulnerability (CNVD-2014-00702)url:https://www.cnvd.org.cn/patchInfo/show/43279
Trust: 0.6
title:tor_0.2.3.23-rc.origurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=47817
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-00702 // 
            
            
            
            JVNDB: JVNDB-2012-006129 // 
            
            
            
            CNNVD: CNNVD-201402-015

EXTERNAL IDS
db:NVDid:CVE-2012-2249
Trust: 3.3
db:BIDid:65357
Trust: 0.9
db:JVNDBid:JVNDB-2012-006129
Trust: 0.8
db:CNVDid:CNVD-2014-00702
Trust: 0.6
db:CNNVDid:CNNVD-201402-015
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-00702 // 
            
            
            
            BID: 65357 // 
            
            
            
            JVNDB: JVNDB-2012-006129 // 
            
            
            
            CNNVD: CNNVD-201402-015 // 
            
            
            
            NVD: CVE-2012-2249

REFERENCES
url:https://gitweb.torproject.org/tor.git?a=blob_plain;hb=head;f=changelog
Trust: 1.5
url:https://gitweb.torproject.org/tor.git?a=blob_plain%3bhb=head%3bf=changelog
Trust: 1.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2249
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2249
Trust: 0.8
url:http://debian.2.n7.nabble.com/bug-691499-unblock-tor-0-2-3-24-rc-1-td2788119.html
Trust: 0.8
url:https://www.torproject.org/index.html.en
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2014-00702 // 
            
            
            
            BID: 65357 // 
            
            
            
            JVNDB: JVNDB-2012-006129 // 
            
            
            
            CNNVD: CNNVD-201402-015 // 
            
            
            
            NVD: CVE-2012-2249

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 65357

SOURCES
db:CNVDid:CNVD-2014-00702
db:BIDid:65357
db:JVNDBid:JVNDB-2012-006129
db:CNNVDid:CNNVD-201402-015
db:NVDid:CVE-2012-2249

LAST UPDATE DATE
2024-08-14T14:06:38.292000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-00702date:2014-02-11T00:00:00
db:BIDid:65357date:2012-10-20T00:00:00
db:JVNDBid:JVNDB-2012-006129date:2014-02-04T00:00:00
db:CNNVDid:CNNVD-201402-015date:2014-02-08T00:00:00
db:NVDid:CVE-2012-2249date:2023-11-07T02:10:26.090

SOURCES RELEASE DATE
db:CNVDid:CNVD-2014-00702date:2014-02-11T00:00:00
db:BIDid:65357date:2012-10-20T00:00:00
db:JVNDBid:JVNDB-2012-006129date:2014-02-04T00:00:00
db:CNNVDid:CNNVD-201402-015date:2014-02-08T00:00:00
db:NVDid:CVE-2012-2249date:2014-02-03T03:55:03.627