Main Vulnerability Database Exploits ID:6400 - Exploit for Use-after-free in Tor - CVE-2018-0491

ID:6400 - Exploit for Use-after-free in Tor - CVE-2018-0491

Published: June 17, 2021

Vulnerability identifier: #VU31346

Vulnerability risk: Medium

CVE-ID: CVE-2018-0491

CWE-ID: CWE-416

Exploitation vector: Remote access

Vulnerable software:
Tor

Link to public exploit:

https://www.exploit-db.com/exploits/44994/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. It allows remote attackers to cause a denial of service (relay crash) because the KIST implementation allows a channel to be added more than once in the pending list.

Remediation

Install update from vendor's website.

ID:6400 - Exploit for Use-after-free in Tor - CVE-2018-0491

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human