CVE-2011-1924
EPSS 1.6%
Description
Buffer overflow in the policy_summarize function in or/policies.c in Tor before 0.2.1.30 allows remote attackers to cause a denial of service (directory authority crash) via a crafted policy that triggers creation of a long port list.
How to fix CVE-2011-1924
To remediate CVE-2011-1924, upgrade the affected package to the fixed version listed below.
- Debian/tor: upgrade to 0.2.1.30-1 or later
Is CVE-2011-1924 being exploited?
Low — EPSS is 1.6%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- Debian/tor: versions from 0 up to, but not including, 0.2.1.30-1