CVE-2006-3418

EPSS 0.48% · P65 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-3418

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Tor 验证服务器伪造权限漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Tor 0.1.1.20之前版本未验证服务器描述符的指纹线是否与其身份密钥匹配，远程攻击者伪造可能获得用户或其他应用程序信任的指纹线。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-3418

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-3418

请登录查看更多情报信息。

http://tor.eff.org/cvs/tor/ChangeLogx_refsource_CONFIRM
http://secunia.com/advisories/20514third-party-advisoryx_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200606-04.xmlvendor-advisoryx_refsource_GENTOO
https://nvd.nist.gov/vuln/detail/CVE-2006-3418

Same Patch Batch · n/a · 2006-07-07 · 29 CVEs total

CVE-2006-3416		Tor 中继命令网路解散漏洞
CVE-2006-3430		PatchLink Update 'Checkprofile.ASP' SQL注入漏洞
CVE-2006-3429		TTCalc Script Loan And Mortgage 跨站脚本攻击(XSS) 漏洞
CVE-2006-3428		TTCalc Script Loan And Mortgage跨站脚本攻击(XSS) 漏洞
CVE-2006-3427		Microsoft IE StructuredGraphicsControl远程拒绝服务漏洞
CVE-2006-3426		PatchLink Update Server目录遍历漏洞
CVE-2006-3425		PatchLink Update Server 'Proxyreg.ASP'认证绕过漏洞
CVE-2006-3424		WebEx Downloader ActiveX控件多个缓冲区溢出漏洞
CVE-2006-3423		WebEx Downloader插件GpcUrlRoot和GpcIniFileName ActiveX/Java控件远程代码执行漏洞
CVE-2006-3422		WonderEdit Pro 'User_Bottom.PHP'远程文件包含漏洞
CVE-2006-3421		SmartSiteCMS多个远程文件包含漏洞
CVE-2006-3420		MyBulletinBoard 'editpost.php '跨站请求伪造(CSRF) 漏洞
CVE-2006-3419		Tor before OpenSSL伪随机暴力破解漏洞
CVE-2006-3417		Tor client is_fast或is_stable标记节点漏洞
CVE-2006-3458		Zope Docutils模块信息泄露漏洞
CVE-2006-3415		Tor 未明中间人(MITM)攻击漏洞
CVE-2006-3414		Tor before 非IP地址的服务器描述符漏洞
CVE-2006-3413		Tor "logfile"记录敏感的信息信息泄露漏洞
CVE-2006-3412		Tor before dir服务器、直接连接或代理服务器安全绕过漏洞
CVE-2006-3411		Tor TLS握手根据TLS公/私钥加密密钥的强力攻击漏洞

Showing top 20 of 29 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-3418

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2006-3418

I. Basic Information for CVE-2006-3418

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-3418

III. Intelligence Information for CVE-2006-3418

Same Patch Batch · n/a · 2006-07-07 · 29 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2006-3418

Leave a comment