CVE-2006-0414
EPSS 1.1%
Description
Tor before 0.1.1.20 allows remote attackers to identify hidden services via a malicious Tor server that attempts a large number of accesses of the hidden service, which eventually causes a circuit to be built through the malicious server.
How to fix CVE-2006-0414
To remediate CVE-2006-0414, upgrade the affected package to a fixed version below.
- Debian/tor—upgrade to 0.1.1.11-alpha-1 or later
Is CVE-2006-0414 being exploited?
Low — EPSS is 1.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.1.1.11-alpha-1