CVE-2017-0380

moderate-risk
Published 2017-09-18

The rend_service_intro_established function in or/rendservice.c in Tor before 0.2.8.15, 0.2.9.x before 0.2.9.12, 0.3.0.x before 0.3.0.11, 0.3.1.x before 0.3.1.7, and 0.3.2.x before 0.3.2.1-alpha, when SafeLogging is disabled, allows attackers to obtain sensitive information by leveraging access to the log files of a hidden service, because uninitialized stack data is included in an error message about construction of an introduction point circuit.

Do I need to act?

-
0.44% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.9/10 Medium
NETWORK / HIGH complexity

Affected Products (20)

Tor
Tor
Tor
Tor
Tor
Tor
Tor
Tor
Tor
Tor
Tor
Tor
Tor
Tor
Tor
Tor
Tor
Tor
Tor
Tor

Affected Vendors

Torproject

References (8)

http://www.debian.org/security/2017/dsa-3993
http://www.securitytracker.com/id/1039519
Patch https://github.com/torproject/tor/commit/09ea89764a4d3a907808ed7d4fe42abfe64bd48...
Mitigation https://trac.torproject.org/projects/tor/ticket/23490
http://www.debian.org/security/2017/dsa-3993
http://www.securitytracker.com/id/1039519
Patch https://github.com/torproject/tor/commit/09ea89764a4d3a907808ed7d4fe42abfe64bd48...
Mitigation https://trac.torproject.org/projects/tor/ticket/23490
43
/ 100
moderate-risk
Severity 18/34 · Moderate
Exploitability 2/34 · Minimal
Exposure 23/34 · High