Details of VAR-201709-0618

ID

VAR-201709-0618

CVE

CVE-2017-0380

TITLE

Tor Vulnerable to information disclosure from log files

Trust: 0.8

sources: JVNDB: JVNDB-2017-008306

DESCRIPTION

The rend_service_intro_established function in or/rendservice.c in Tor before 0.2.8.15, 0.2.9.x before 0.2.9.12, 0.3.0.x before 0.3.0.11, 0.3.1.x before 0.3.1.7, and 0.3.2.x before 0.3.2.1-alpha, when SafeLogging is disabled, allows attackers to obtain sensitive information by leveraging access to the log files of a hidden service, because uninitialized stack data is included in an error message about construction of an introduction point circuit. Tor Contains a vulnerability related to information disclosure from log files.Information may be obtained. Tor is an implementation of the second generation of onion routing, which is mainly used to access the Internet anonymously. Tor is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3993-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 06, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : tor CVE ID : CVE-2017-0380 It was discovered that the Tor onion service could leak sensitive information to log files if the "SafeLogging" option is set to "0". The oldstable distribution (jessie) is not affected. For the stable distribution (stretch), this problem has been fixed in version 0.2.9.12-1. We recommend that you upgrade your tor packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlnX+bUACgkQEMKTtsN8 Tjb5ehAAnG7JAqEQtjrUAenUy9wZtmsqA5AtFf6goHCw9uYZ0Co2rAZbRQYKeerw z9TtW/gyKZdYSmY2jd82E9rJTHfuNX7J37LIfNqb8CMLf+eW5shnqghPX+R+MfXU q99ufaKpdDrK8ZRg3ECXpvHXLyzgYvlm8KAX/6bnv0Kt6nNvE3LCDSXvDjGcGuX/ VEnfZMk6GnxlIp/op3uXPYQYKm7BrModTMx7iKoTlBwhdlxh8MwTBsrEH+aQvIUo ZCqqOdU31Av6OngBmIwnkFPq/4FjXvS/lkmpXP6y6g7RCIAc8yf72wk0lNR5OqBX 2svQyr5ZqBH3fCM9eSDUV4nBvC8xUEETZQpMZRUqlF/SJcO33Jh+R+UE3HHh1Imy ozoxnx+qiKUWoUuSXnPCetXKaWH3alJXkp2JDsmoSAVwW/VBeGylsuQ2nAeYTcOb fdpXRqrL+w/w7VXCIAJ3bCN5N8j6otRtMUAntHgXfqxx72Zk5MQrco7aiPvLzten VyKYFxQiRcBV/JFR37Unklkgf4TNxwXhgVe8M6AiVvyyRcH0v8zEKn7HX53h+fSM W27BweGIE9qpOQlo1m8XiQml/3J8aJhAbvuwRoIoiwKb9Xos6+YdxCqDOJiFArk3 ozt2+7pKmawWD3dJotVIu8tOMOC8lYdP5H0YLy6Qt3X3+zm1x3g= =7kef -----END PGP SIGNATURE-----

Trust: 2.52

sources: NVD: CVE-2017-0380 // JVNDB: JVNDB-2017-008306 // CNVD: CNVD-2017-34623 // BID: 101222 // PACKETSTORM: 144540

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-34623

AFFECTED PRODUCTS

vendor:	torproject	model:	tor	scope:	eq	version:	0.3.1.5	Trust: 1.9
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.0.10	Trust: 1.9
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.1.2	Trust: 1.6
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.1.3	Trust: 1.6
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.0.9	Trust: 1.6
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.0.8	Trust: 1.6
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.1.6	Trust: 1.6
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.2	Trust: 1.6
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.1.1	Trust: 1.6
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.1.4	Trust: 1.6
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.0.0	Trust: 1.3
vendor:	torproject	model:	tor	scope:	eq	version:	0.2.9.11	Trust: 1.3
vendor:	torproject	model:	tor	scope:	eq	version:	0.2.9.0	Trust: 1.3
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.0.4	Trust: 1.0
vendor:	torproject	model:	tor	scope:	eq	version:	0.2.9.3	Trust: 1.0
vendor:	torproject	model:	tor	scope:	eq	version:	0.2.9.5	Trust: 1.0
vendor:	torproject	model:	tor	scope:	eq	version:	0.2.9.6	Trust: 1.0
vendor:	torproject	model:	tor	scope:	eq	version:	0.2.9.2	Trust: 1.0
vendor:	torproject	model:	tor	scope:	eq	version:	0.2.9.8	Trust: 1.0
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.0.7	Trust: 1.0
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.0.1	Trust: 1.0
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.0.3	Trust: 1.0
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.0.6	Trust: 1.0
vendor:	torproject	model:	tor	scope:	lte	version:	0.2.8.14	Trust: 1.0
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.0.2	Trust: 1.0
vendor:	torproject	model:	tor	scope:	eq	version:	0.2.9.4	Trust: 1.0
vendor:	torproject	model:	tor	scope:	eq	version:	0.2.9.1	Trust: 1.0
vendor:	torproject	model:	tor	scope:	eq	version:	0.2.9.9	Trust: 1.0
vendor:	torproject	model:	tor	scope:	eq	version:	0.2.9.10	Trust: 1.0
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.0.5	Trust: 1.0
vendor:	the tor	model:	tor	scope:	-	version:	-	Trust: 0.8
vendor:	tor	model:	tor	scope:	lt	version:	0.2.8.15	Trust: 0.6
vendor:	tor	model:	tor	scope:	eq	version:	0.2.9.*,<0.2.9.12	Trust: 0.6
vendor:	tor	model:	tor	scope:	eq	version:	0.3.0.*,<0.3.0.11	Trust: 0.6
vendor:	tor	model:	tor	scope:	eq	version:	0.3.1.*,<0.3.1.7	Trust: 0.6
vendor:	tor	model:	0.3.2.*,<0.3.2.1-alpha	scope:	-	version:	-	Trust: 0.6
vendor:	torproject	model:	tor	scope:	eq	version:	0.3.1.0	Trust: 0.3
vendor:	torproject	model:	tor	scope:	eq	version:	0.2.8.14	Trust: 0.3
vendor:	debian	model:	linux sparc	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux s/390	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux powerpc	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux mips	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux ia-64	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux ia-32	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux arm	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux amd64	scope:	eq	version:	6.0	Trust: 0.3
vendor:	torproject	model:	tor 0.3.2.1-alpha	scope:	ne	version:	-	Trust: 0.3
vendor:	torproject	model:	tor	scope:	ne	version:	0.3.1.7	Trust: 0.3
vendor:	torproject	model:	tor	scope:	ne	version:	0.3.0.11	Trust: 0.3
vendor:	torproject	model:	tor	scope:	ne	version:	0.2.9.12	Trust: 0.3
vendor:	torproject	model:	tor	scope:	ne	version:	0.2.8.15	Trust: 0.3

sources: CNVD: CNVD-2017-34623 // BID: 101222 // JVNDB: JVNDB-2017-008306 // CNNVD: CNNVD-201709-858 // NVD: CVE-2017-0380

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-0380
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-0380
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2017-34623
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201709-858
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2017-0380
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-34623
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2017-0380
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.2
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2017-34623 // JVNDB: JVNDB-2017-008306 // CNNVD: CNNVD-201709-858 // NVD: CVE-2017-0380

PROBLEMTYPE DATA

problemtype:

CWE-532

Trust: 1.8

sources: JVNDB: JVNDB-2017-008306 // NVD: CVE-2017-0380

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-858

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201709-858

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-008306

PATCH

title:	Fix log-uninitialized-stack bug in rend_service_intro_established.	url:	https://github.com/torproject/tor/commit/09ea89764a4d3a907808ed7d4fe42abfe64bd486	Trust: 0.8
title:	Fix TROVE-2017-008: Stack disclosure in hidden services logs when SafeLogging disabled	url:	https://trac.torproject.org/projects/tor/ticket/23490	Trust: 0.8
title:	Patch for Tor 'rend_service_intro_established' function sensitive information disclosure vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/106424	Trust: 0.6
title:	Tor Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74964	Trust: 0.6

sources: CNVD: CNVD-2017-34623 // JVNDB: JVNDB-2017-008306 // CNNVD: CNNVD-201709-858

EXTERNAL IDS

db:	NVD	id:	CVE-2017-0380	Trust: 3.4
db:	SECTRACK	id:	1039519	Trust: 1.0
db:	JVNDB	id:	JVNDB-2017-008306	Trust: 0.8
db:	CNVD	id:	CNVD-2017-34623	Trust: 0.6
db:	NSFOCUS	id:	37666	Trust: 0.6
db:	CNNVD	id:	CNNVD-201709-858	Trust: 0.6
db:	BID	id:	101222	Trust: 0.3
db:	PACKETSTORM	id:	144540	Trust: 0.1

sources: CNVD: CNVD-2017-34623 // BID: 101222 // JVNDB: JVNDB-2017-008306 // PACKETSTORM: 144540 // CNNVD: CNNVD-201709-858 // NVD: CVE-2017-0380

REFERENCES

url:	https://github.com/torproject/tor/commit/09ea89764a4d3a907808ed7d4fe42abfe64bd486	Trust: 1.9
url:	https://trac.torproject.org/projects/tor/ticket/23490	Trust: 1.9
url:	http://www.securitytracker.com/id/1039519	Trust: 1.0
url:	http://www.debian.org/security/2017/dsa-3993	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2017-0380	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0380	Trust: 0.8
url:	http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0380	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/37666	Trust: 0.6
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1493513	Trust: 0.3
url:	https://www.torproject.org/index.html.en	Trust: 0.3
url:	https://www.debian.org/security/	Trust: 0.1
url:	https://www.debian.org/security/faq	Trust: 0.1

sources: CNVD: CNVD-2017-34623 // BID: 101222 // JVNDB: JVNDB-2017-008306 // PACKETSTORM: 144540 // CNNVD: CNNVD-201709-858 // NVD: CVE-2017-0380

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 101222

SOURCES

db:	CNVD	id:	CNVD-2017-34623
db:	BID	id:	101222
db:	JVNDB	id:	JVNDB-2017-008306
db:	PACKETSTORM	id:	144540
db:	CNNVD	id:	CNNVD-201709-858
db:	NVD	id:	CVE-2017-0380

LAST UPDATE DATE

2024-11-23T21:53:47.798000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-34623	date:	2017-11-20T00:00:00
db:	BID	id:	101222	date:	2017-09-18T00:00:00
db:	JVNDB	id:	JVNDB-2017-008306	date:	2017-10-16T00:00:00
db:	CNNVD	id:	CNNVD-201709-858	date:	2017-09-19T00:00:00
db:	NVD	id:	CVE-2017-0380	date:	2024-11-21T03:02:52.303

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-34623	date:	2017-11-20T00:00:00
db:	BID	id:	101222	date:	2017-09-18T00:00:00
db:	JVNDB	id:	JVNDB-2017-008306	date:	2017-10-16T00:00:00
db:	PACKETSTORM	id:	144540	date:	2017-10-09T15:42:49
db:	CNNVD	id:	CNNVD-201709-858	date:	2017-09-19T00:00:00
db:	NVD	id:	CVE-2017-0380	date:	2017-09-18T16:29:00.207