CVE-2009-0654

NameCVE-2009-0654
DescriptionTor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors involving (1) replaying, (2) modifying, (3) inserting, or (4) deleting a single cell, and then observing cell recognition errors at the exit router. NOTE: the vendor disputes the significance of this issue, noting that the product's design "accepted end-to-end correlation as an attack that is too expensive to solve."
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
tor (PTS)jessie, jessie (lts)0.2.5.16-1vulnerable
stretch0.2.9.16-1vulnerable
stretch (security), stretch (lts)0.2.9.15-1vulnerable
buster (security), buster, buster (lts)0.3.5.16-1+deb10u1vulnerable
bullseye (security), bullseye0.4.5.16-1vulnerable
bookworm (security), bookworm0.4.7.16-1vulnerable
sid, trixie0.4.8.13-2vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
torsource(unstable)(unfixed)unimportant

Notes

attacker already controls entry and exit node at this stage

Search for package or bug name: Reporting problems