vulnerability
FreeBSD: VID-c1dc55dc-9556-11e6-b154-3065ec8fd3ec: Tor -- remote denial of service
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Oct 18, 2016 | Nov 14, 2016 | Dec 10, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Oct 18, 2016
Added
Nov 14, 2016
Modified
Dec 10, 2025
Description
The Tor Blog reports: Prevent a class of security bugs caused by treating the contents of a buffer chunk as if they were a NUL-terminated string. At least one such bug seems to be present in all currently used versions of Tor, and would allow an attacker to remotely crash most Tor instances, especially those compiled with extra compiler hardening. With this defense in place, such bugs can't crash Tor, though we should still fix them as they occur. Closes ticket 20384 (TROVE-2016-10-001).
Solutions
freebsd-upgrade-package-torfreebsd-upgrade-package-tor-devel
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.