CVE

Id
48402  
CVE No.
CVE-2011-0490  
Status
Candidate  
Description
Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha makes calls to Libevent within Libevent log handlers, which might allow remote attackers to cause a denial of service (daemon crash) via vectors that trigger certain log messages.  
Phase
Assigned (20110118)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
525653 48402 CVE-2011-0490 MLIST:[or-announce] 20110117 Tor 0.2.1.29 is released (security patches)  View
525654 48402 CVE-2011-0490 URL:http://archives.seul.org/or/announce/Jan-2011/msg00000.html  View
525655 48402 CVE-2011-0490 CONFIRM:http://blog.torproject.org/blog/tor-02129-released-security-patches  View
525656 48402 CVE-2011-0490 CONFIRM:https://gitweb.torproject.org/tor.git/blob/refs/heads/release-0.2.2:/ChangeLog  View
525657 48402 CVE-2011-0490 CONFIRM:https://trac.torproject.org/projects/tor/ticket/2190  View
525658 48402 CVE-2011-0490 BID:45953  View
525659 48402 CVE-2011-0490 URL:http://www.securityfocus.com/bid/45953  View
525660 48402 CVE-2011-0490 XF:tor-libevent-dos(64889)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
33897 JVNDB-2011-004139 Asterisk Open Source の ast_uri_encode 関数におけるスタックベースのバッファオーバーフローの脆弱性 Asterisk Open Source の main/utils.c の ast_uri_encode 関数には、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2011-0495 48402 6 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-004139.html  View