{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-09-05T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-11-06T10:00:00.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "GLSA-201301-03", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://trac.torproject.org/projects/tor/ticket/6690"}, {"name": "[oss-security] 20120912 Re: CVE id request: tor", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2012/09/13/2"}, {"name": "50583", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/50583"}, {"name": "[tor-talk] 20120905 Tor 0.2.3.21-rc is out", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.torproject.org/pipermail/tor-talk/2012-September/025434.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://gitweb.torproject.org/tor.git/blob/release-0.2.2:/ReleaseNotes"}, {"name": "FEDORA-2012-14638", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088006.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://gitweb.torproject.org/tor.git/commit/62d96284f7e0f81c40d5df7e53dd7b4dfe7e56a5"}, {"name": "openSUSE-SU-2012:1278", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00005.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4419", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "GLSA-201301-03", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"}, {"name": "https://trac.torproject.org/projects/tor/ticket/6690", "refsource": "CONFIRM", "url": "https://trac.torproject.org/projects/tor/ticket/6690"}, {"name": "[oss-security] 20120912 Re: CVE id request: tor", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2012/09/13/2"}, {"name": "50583", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/50583"}, {"name": "[tor-talk] 20120905 Tor 0.2.3.21-rc is out", "refsource": "MLIST", "url": "https://lists.torproject.org/pipermail/tor-talk/2012-September/025434.html"}, {"name": "https://gitweb.torproject.org/tor.git/blob/release-0.2.2:/ReleaseNotes", "refsource": "CONFIRM", "url": "https://gitweb.torproject.org/tor.git/blob/release-0.2.2:/ReleaseNotes"}, {"name": "FEDORA-2012-14638", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088006.html"}, {"name": "https://gitweb.torproject.org/tor.git/commit/62d96284f7e0f81c40d5df7e53dd7b4dfe7e56a5", "refsource": "CONFIRM", "url": "https://gitweb.torproject.org/tor.git/commit/62d96284f7e0f81c40d5df7e53dd7b4dfe7e56a5"}, {"name": "openSUSE-SU-2012:1278", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00005.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:35:09.606Z"}, "title": "CVE Program Container", "references": [{"name": "GLSA-201301-03", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://trac.torproject.org/projects/tor/ticket/6690"}, {"name": "[oss-security] 20120912 Re: CVE id request: tor", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2012/09/13/2"}, {"name": "50583", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/50583"}, {"name": "[tor-talk] 20120905 Tor 0.2.3.21-rc is out", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.torproject.org/pipermail/tor-talk/2012-September/025434.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://gitweb.torproject.org/tor.git/blob/release-0.2.2:/ReleaseNotes"}, {"name": "FEDORA-2012-14638", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088006.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://gitweb.torproject.org/tor.git/commit/62d96284f7e0f81c40d5df7e53dd7b4dfe7e56a5"}, {"name": "openSUSE-SU-2012:1278", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00005.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-4419", "datePublished": "2012-09-14T18:00:00.000Z", "dateReserved": "2012-08-21T00:00:00.000Z", "dateUpdated": "2024-08-06T20:35:09.606Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA32083F-0241-4C1C-8CCB-E7EC3B1337B5", "versionEndIncluding": "0.2.2.38", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "42286A56-BB47-4A3E-B092-1057311D4960", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre13:*:*:*:*:*:*", "matchCriteriaId": "47511223-D650-4207-9856-DE025823231A", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre14:*:*:*:*:*:*", "matchCriteriaId": "0AD6C8F2-3050-453B-8942-A1916E3FC12B", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre15:*:*:*:*:*:*", "matchCriteriaId": "B34E2465-7E2D-40FA-B8F7-33B057C459CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre16:*:*:*:*:*:*", "matchCriteriaId": "CB68EBE3-3517-4D04-8F40-7DE3A21BE9D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre17:*:*:*:*:*:*", "matchCriteriaId": "A4C33393-220A-46D7-8C9F-67E5623A5F12", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre18:*:*:*:*:*:*", "matchCriteriaId": "5519509B-B07D-4514-A404-D812DBF3239D", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre19:*:*:*:*:*:*", "matchCriteriaId": "D65FBECD-2EA2-4779-9198-B3CA4B67A49B", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre20:*:*:*:*:*:*", "matchCriteriaId": "CF20BBD0-CA62-4FB2-B46D-F9BBFEF452F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre21:*:*:*:*:*:*", "matchCriteriaId": "F2317720-AC9D-4BA5-A334-34FA389AA097", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre22:*:*:*:*:*:*", "matchCriteriaId": "136DB452-2322-4FC5-A195-04E561D1D49F", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre23:*:*:*:*:*:*", "matchCriteriaId": "3D483797-8490-4625-8AF0-E6FF3C02CD72", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre24:*:*:*:*:*:*", "matchCriteriaId": "2341BDA5-859F-4BF4-A009-2DEB7902108B", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre25:*:*:*:*:*:*", "matchCriteriaId": "61C72051-52C5-43EC-88BD-C9E112C08827", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre26:*:*:*:*:*:*", "matchCriteriaId": "8699607B-7F86-4167-8CE8-699FE8F43D21", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.2:pre27:*:*:*:*:*:*", "matchCriteriaId": "68ADC617-824D-4D1C-BDF8-4EB19D5656B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D04E67E7-93DD-4E8F-B88C-9C8C0721CDAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "6D858688-5063-4D39-BF58-189333D71785", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "6978370D-97D0-4C26-B050-8B2045404D03", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "0A1F71E8-D642-4F22-B377-34F011BF9160", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "EA9ACB8B-8185-4581-ABE4-0D8CE3A28BE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B37E9B4D-E5C4-44AB-834D-8B37F3029001", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "CB3E5A9D-4CA3-43D5-AF13-375B23891B51", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "B5561A8E-CF13-4243-975F-3E754494C4A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "1F6AD9BE-352A-4ED2-97DA-4D4948F87B27", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "3234D4EE-1B3F-4835-A387-F41D76178254", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "56068ADD-8079-497B-B031-1094F1DC15B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "206353C7-8644-4F44-96CD-1FBEB39F2771", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1C578AB-95AD-4160-9319-16A1497D528C", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "80CD91D9-CC8B-44AE-8FF9-056733B36E11", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "0CD8CC62-0C9F-47C8-B686-B376F2261ECF", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "F74DBE38-B5F0-4FFC-9F98-7A55326A23EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "439B85D4-9DC8-447D-ACC8-EB12C43B4F3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "85A83136-AF8F-46FE-848C-37B26EDBD1ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "7BDE9034-B5AF-403A-8220-715347F44519", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "379069A5-CEAC-42E0-B905-39F0AF29C954", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.0.9.10:*:*:*:*:*:*:*", "matchCriteriaId": "13A4435E-23A6-45F3-94B1-75219555DEDB", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "CF0E2924-3559-419C-A033-391549D5E7E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "53E280D9-3371-4106-A0AA-ECE3AD2753F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "9B608EB4-FC95-48CC-A90C-D079B2446F6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "E04B4802-C2FC-45FF-9C27-0B8E6DF8F1C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "DC41D6A9-B645-427F-B141-9A3ACC755FE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "7A28BAE2-8F08-4002-A700-AAC581CED48B", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "7BD06667-698A-4F64-9431-727FC905C6C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "6BB82CEC-AAE1-4393-B307-860AFB65C277", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "0BDFC6E1-F7EB-4033-BB4B-58A9182694B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "45284729-472F-48FD-AC9F-707A3174ADD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "5B266267-98D0-4245-B455-08B2B9B69DA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "CB3CD2DF-9659-4C0A-A046-9AC6E566A558", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.1.24:*:*:*:*:*:*:*", "matchCriteriaId": "38A24E38-F136-41EA-A8EB-CD279EC9DE54", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.1.25:*:*:*:*:*:*:*", "matchCriteriaId": "FDF29849-516A-4731-B6ED-767B09024232", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.1.26:*:*:*:*:*:*:*", "matchCriteriaId": "AA26D387-0326-4CD5-98B0-F67D5621D2A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.2.13:*:*:*:*:*:*:*", "matchCriteriaId": "F05957B6-A8DF-4A04-8553-232101DEC9FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.2.14:*:*:*:*:*:*:*", "matchCriteriaId": "DC17296B-23A2-427B-8D41-4BED6E22DA60", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.2.15:*:*:*:*:*:*:*", "matchCriteriaId": "79B573F9-9966-4D61-802A-BBE3778FD3C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.2.16:*:*:*:*:*:*:*", "matchCriteriaId": "F5D625E1-0DA6-483E-A251-E161E6108225", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.2.17:*:*:*:*:*:*:*", "matchCriteriaId": "6D07F398-828C-4008-BC3E-3E511339B437", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.2.18:*:*:*:*:*:*:*", "matchCriteriaId": "6FB18F2C-1E37-48FA-9DAE-C20B9B7B80E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.1.2.19:*:*:*:*:*:*:*", "matchCriteriaId": "39D81D6F-372A-41AE-B42D-2BB1C4D4AB4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.0.30:*:*:*:*:*:*:*", "matchCriteriaId": "52D2C091-8D45-4AC7-93FD-BAD81F2D6D63", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.0.31:*:*:*:*:*:*:*", "matchCriteriaId": "3283E8DB-8238-4796-9CEB-207C6BF1E797", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.0.32:*:*:*:*:*:*:*", "matchCriteriaId": "9737DA01-3E58-4229-AB03-16646F703F83", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.0.33:*:*:*:*:*:*:*", "matchCriteriaId": "D6B2D6EF-7451-4A78-87D0-9339F3E2AB2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "D7ECB794-8331-48E7-BCD2-B9822F9C114A", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.0.35:*:*:*:*:*:*:*", "matchCriteriaId": "1F293F19-E2AA-4133-B4D0-C5E1B2AF9CD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.18:*:*:*:*:*:*:*", "matchCriteriaId": "10344C2C-3137-4D2F-99A7-7802B80DE126", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.19:*:*:*:*:*:*:*", "matchCriteriaId": "C0182C38-23CC-4E54-8C3F-6AA4A3B863DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.20:*:*:*:*:*:*:*", "matchCriteriaId": "7B75EC06-BF76-4CA0-B604-6324AC6FC240", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.21:*:*:*:*:*:*:*", "matchCriteriaId": "16C53110-3FDC-4F28-9C4D-D08E14C6DB8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.22:*:*:*:*:*:*:*", "matchCriteriaId": "729E4E08-2556-4A29-829D-318719EE734B", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.23:*:*:*:*:*:*:*", "matchCriteriaId": "8B138D53-A28F-43CC-91F1-6B073A2F10F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.24:*:*:*:*:*:*:*", "matchCriteriaId": "7B20CCDC-94FF-4BDA-9111-E47AA8D475BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.25:*:*:*:*:*:*:*", "matchCriteriaId": "BB96E018-34C5-4462-B89C-55C42C8384D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.26:*:*:*:*:*:*:*", "matchCriteriaId": "BE594F43-0630-4937-A7AB-F8F9590A4167", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.27:*:*:*:*:*:*:*", "matchCriteriaId": "66A60CAC-A278-4AA2-A89A-E00E3D3B4127", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.28:*:*:*:*:*:*:*", "matchCriteriaId": "787E7A32-2CC4-43C1-8324-66772736F4D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.29:*:*:*:*:*:*:*", "matchCriteriaId": "36A36AAD-FB31-4793-A64B-1FAD90654687", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.30:*:*:*:*:*:*:*", "matchCriteriaId": "B5D9043C-E793-4505-9499-03B36D1F1545", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.31:*:*:*:*:*:*:*", "matchCriteriaId": "C0964E57-978F-445F-BBB1-817DBA1E8517", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.32:*:*:*:*:*:*:*", "matchCriteriaId": "933AC26E-E1CD-4B5B-B15A-31796B4B843F", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.33:*:*:*:*:*:*:*", "matchCriteriaId": "930D1039-AE12-41DE-BF9E-5BCB3FF396E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.34:*:*:*:*:*:*:*", "matchCriteriaId": "5ABBC508-673E-405E-8760-EA156C3A1B84", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.35:*:*:*:*:*:*:*", "matchCriteriaId": "93DBADBE-A941-4253-A509-9484BAF0FB7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.36:*:*:*:*:*:*:*", "matchCriteriaId": "60D4C951-CA2B-44F5-97C7-C1BE4B27B0C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.2.37:*:*:*:*:*:*:*", "matchCriteriaId": "146CEE2D-5FD6-4F2F-95E2-AB9D982C1D34", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "A308F86E-B64B-40CA-A880-827F5FDCFCC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.13:alpha:*:*:*:*:*:*", "matchCriteriaId": "888C8557-D3B3-43C9-9602-AA707EA20D53", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.14:alpha:*:*:*:*:*:*", "matchCriteriaId": "1A50B658-1049-4467-B95E-2F697F2DD8B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.15:alpha:*:*:*:*:*:*", "matchCriteriaId": "D60AE56E-EE6D-4992-BD5B-5E32F5DDB385", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.16:alpha:*:*:*:*:*:*", "matchCriteriaId": "695A8085-2198-4DB7-BA5B-734063FB74D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.17:beta:*:*:*:*:*:*", "matchCriteriaId": "35936C42-AAA8-40FC-803D-2F56D8B881BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.18:rc:*:*:*:*:*:*", "matchCriteriaId": "EB448439-B7C3-441F-8923-AC125324A517", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.19:rc:*:*:*:*:*:*", "matchCriteriaId": "9F471155-F0ED-4F73-A04C-EF39DFC9F666", "vulnerable": true}, {"criteria": "cpe:2.3:a:torproject:tor:0.2.3.20:rc:*:*:*:*:*:*", "matchCriteriaId": "D93C514A-0BCB-4BDD-84C2-6C78D346FC13", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison."}, {"lang": "es", "value": "La funci\u00f3n compare_tor_addr_to_addr_policy en or/policies.c en Tor antes de v0.2.2.39 y v0.2.3.x antes de v0.2.3.21-rc, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (error de aserci\u00f3n y salida del demonio) a trav\u00e9s de un valor cero en el campo port (puerto) que no se gestionado correctamente durante la comparaci\u00f3n de pol\u00edticas.\r\n"}], "id": "CVE-2012-4419", "lastModified": "2026-04-29T01:13:23.040", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-09-14T18:55:04.917", "references": [{"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088006.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00005.html"}, {"source": "secalert@redhat.com", "url": "http://openwall.com/lists/oss-security/2012/09/13/2"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/50583"}, {"source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"}, {"source": "secalert@redhat.com", "url": "https://gitweb.torproject.org/tor.git/blob/release-0.2.2:/ReleaseNotes"}, {"source": "secalert@redhat.com", "url": "https://gitweb.torproject.org/tor.git/commit/62d96284f7e0f81c40d5df7e53dd7b4dfe7e56a5"}, {"source": "secalert@redhat.com", "url": "https://lists.torproject.org/pipermail/tor-talk/2012-September/025434.html"}, {"source": "secalert@redhat.com", "url": "https://trac.torproject.org/projects/tor/ticket/6690"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088006.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00005.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://openwall.com/lists/oss-security/2012/09/13/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/50583"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://gitweb.torproject.org/tor.git/blob/release-0.2.2:/ReleaseNotes"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://gitweb.torproject.org/tor.git/commit/62d96284f7e0f81c40d5df7e53dd7b4dfe7e56a5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.torproject.org/pipermail/tor-talk/2012-September/025434.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://trac.torproject.org/projects/tor/ticket/6690"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}