CVE-2013-7295
EPSS 0.16%發布日:2014/1/17修改日:2026/4/28
描述
Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1) relay identity keys and (2) hidden-service identity keys, which might make it easier for remote attackers to bypass cryptographic protection mechanisms via unspecified vectors.
受影響套件(1)
- Debian/torfrom 0, < 0.2.4.20-1