CVE-2006-6893

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2006-6893

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2006-6893.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2006-6893

Published

2006-12-31T05:00:00Z

Modified

2025-01-14T06:01:22.059949Z

Summary

[none]

Details

Tor allows remote attackers to discover the IP address of a hidden service by accessing this service at a high rate, thereby changing the server's CPU temperature and consequently changing the pattern of time values visible through (1) ICMP timestamps, (2) TCP sequence numbers, and (3) TCP timestamps, a different vulnerability than CVE-2006-0414. NOTE: it could be argued that this is a laws-of-physics vulnerability that is a fundamental design limitation of certain hardware implementations, so perhaps this issue should not be included in CVE.

References

Affected packages

Debian:11 / tor

Package

Name: tor
Purl: pkg:deb/debian/tor?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.4.5.9-1

0.4.5.10-1~bpo10+1

0.4.5.10-1~deb11u1

0.4.5.10-1

0.4.5.16-1

0.4.6.2-alpha-1

0.4.6.3-rc-1

0.4.6.4-rc-1

0.4.6.6-1

0.4.6.7-1

0.4.6.8-1~bpo10+2

0.4.6.8-1~bpo11+2

0.4.6.8-1

0.4.6.9-1

0.4.6.10-1~bpo10+1

0.4.6.10-1~bpo11+1

0.4.6.10-1

0.4.7.3-alpha-1

0.4.7.4-alpha-1

0.4.7.5-alpha-1

0.4.7.6-rc-1

0.4.7.7-1~bpo10+1

0.4.7.7-1~bpo11+1

0.4.7.7-1

0.4.7.8-1~bpo10+1

0.4.7.8-1~bpo11+1

0.4.7.8-1

0.4.7.9-1

0.4.7.10-1~bpo10+1

0.4.7.10-1~bpo11+1

0.4.7.10-1

0.4.7.11-1~bpo11+1

0.4.7.11-1

0.4.7.12-1

0.4.7.13-1~bpo11+1

0.4.7.13-1

0.4.7.16-1

0.4.8.4-2

0.4.8.5-1

0.4.8.6-1

0.4.8.7-1

0.4.8.8-1

0.4.8.9-1~bpo11+1

0.4.8.9-1~bpo12+1

0.4.8.9-1

0.4.8.10-1~bpo11+1

0.4.8.10-1~bpo12+1

0.4.8.10-1

0.4.8.11-1~bpo11+1

0.4.8.11-1~bpo12+1

0.4.8.11-1

0.4.8.12-1~bpo11+1

0.4.8.12-1~bpo12+1

0.4.8.12-1

0.4.8.12-1.1

0.4.8.13-1

0.4.8.13-2~bpo12+1

0.4.8.13-2

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / tor

Package

Name: tor
Purl: pkg:deb/debian/tor?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.4.7.13-1

0.4.7.16-1

0.4.8.4-2

0.4.8.5-1

0.4.8.6-1

0.4.8.7-1

0.4.8.8-1

0.4.8.9-1~bpo11+1

0.4.8.9-1~bpo12+1

0.4.8.9-1

0.4.8.10-1~bpo11+1

0.4.8.10-1~bpo12+1

0.4.8.10-1

0.4.8.11-1~bpo11+1

0.4.8.11-1~bpo12+1

0.4.8.11-1

0.4.8.12-1~bpo11+1

0.4.8.12-1~bpo12+1

0.4.8.12-1

0.4.8.12-1.1

0.4.8.13-1

0.4.8.13-2~bpo12+1

0.4.8.13-2

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / tor

Package

Name: tor
Purl: pkg:deb/debian/tor?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.4.7.13-1

0.4.7.16-1

0.4.8.4-2

0.4.8.5-1

0.4.8.6-1

0.4.8.7-1

0.4.8.8-1

0.4.8.9-1~bpo11+1

0.4.8.9-1~bpo12+1

0.4.8.9-1

0.4.8.10-1~bpo11+1

0.4.8.10-1~bpo12+1

0.4.8.10-1

0.4.8.11-1~bpo11+1

0.4.8.11-1~bpo12+1

0.4.8.11-1

0.4.8.12-1~bpo11+1

0.4.8.12-1~bpo12+1

0.4.8.12-1

0.4.8.12-1.1

0.4.8.13-1

0.4.8.13-2~bpo12+1

0.4.8.13-2

Ecosystem specific

{
    "urgency": "unimportant"
}