CVE-2006-3416
EPSS 0.78%
Description
Tor before 0.1.1.20 kills the circuit when it receives an unrecognized relay command, which causes network circuits to be disbanded. NOTE: while this item is listed under the "Security fixes" section of the developer changelog, the developer clarified on 20060707 that this is only a self-DoS. Therefore this issue should not be included in CVE
How to fix CVE-2006-3416
To remediate CVE-2006-3416, upgrade the affected package to a fixed version below.
- Debian/tor—upgrade to 0.1.1.20-1 or later
Is CVE-2006-3416 being exploited?
Low — EPSS is 0.8%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.1.1.20-1