Novell Home

CVE-2012-5573

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-5573 at MITRE

Description

The connection_edge_process_relay_cell function in or/relay.c in Tor before 0.2.3.25 maintains circuits even if an unexpected SENDME cell arrives, which might allow remote attackers to cause a denial of service (memory consumption or excessive cell reception rate) or bypass intended flow-control restrictions via a RELAY_COMMAND_SENDME command.

NVD CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Novell/SUSE information

Novell Bugzilla entry: 791374

SUSE Security Advisories:

© 2014 Novell