CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-11 00:14:52 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
b0e96c877abb080d7cf221c036336480ff266ccf
CVEs-PoC/2017/CVE-2017-8821.md
T
0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00

19 lines
1.0 KiB
Markdown
Raw Blame History

### [CVE-2017-8821](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8821)
![](https://img.shields.io/static/v1?label=Product&message=Tor%20before%200.2.5.16%2C%200.2.6%20through%200.2.8%20before%200.2.8.17%2C%200.2.9%20before%200.2.9.14%2C%200.3.0%20before%200.3.0.13%2C%20and%200.3.1%20before%200.3.1.9&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=application%20hang&color=brighgreen)
### Description
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can cause a denial of service (application hang) via crafted PEM input that signifies a public key requiring a password, which triggers an attempt by the OpenSSL library to ask the user for the password, aka TROVE-2017-011.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/chnzzh/OpenSSL-CVE-lib
Reference in New Issue View Git Blame Copy Permalink