CVE-2006-3413

Description

The privoxy configuration file in Tor before 0.1.1.20, when run on Apple OS X, logs all data via the "logfile", which allows attackers to obtain potentially sensitive information.

How to fix CVE-2006-3413

To remediate CVE-2006-3413, upgrade the affected package to a fixed version below.

• Debian/tor—upgrade to 0.1.1.20-1 or later

Is CVE-2006-3413 being exploited?

Low — EPSS is 0.4%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 0.1.1.20-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2006-3413