CVE-2009-0654
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2009-0654
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors involving (1) replaying, (2) modifying, (3) inserting, or (4) deleting a single cell, and then observing cell recognition errors at the exit router. NOTE: the vendor disputes the significance of this issue, noting that the product's design "accepted end-to-end correlation as an attack that is too expensive to solve."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
tor 退出路径信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Tor(The Onion Router)是第二代洋葱路由(onion routing)的一种实现。 Tor 0.2.0.28版本,以及可能0.2.0.34版本及其早期版本允许具有登陆和退出规定路线的远程攻击者,可以借助能够(1)替代,(2)修改,(3)插入,或(4)删除一个单元并在退出路线中观测单元识别错误的向量来确定一个发送者和接收者。注意:厂商对该漏洞的严重性提出争议。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2009-0654
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2009-0654
请登录查看更多情报信息。
- http://www.blackhat.com/html/bh-dc-09/bh-dc-09-archives.html#Fux_refsource_MISC
- http://blog.torproject.org/blog/one-cell-enoughx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2009-0654
Same Patch Batch · n/a · 2009-02-20 · 51 CVEs total
| CVE-2008-6203 | Jakob-Persson CoBaLT 'adminler.asp' SQL注入漏洞 | |
| CVE-2008-6209 | Vastal Software Zone 'view_product.php' SQL注入漏洞 | |
| CVE-2008-6195 | LANDesk Management Suite 服务PXE TFTP 目录遍历漏洞 | |
| CVE-2008-6196 | Philippe CROCHAT EasySite 多个远程文件包含漏洞 | |
| CVE-2008-6197 | KwsPHP Galerie Module "id_gal" Parameter SQL注入漏洞 | |
| CVE-2008-6198 | Mybboard MyBB Custom Pages模块 "pages" 参数 SQL注入漏洞 | |
| CVE-2008-6199 | 2532gigs权限许可和访问控制问题漏洞 | |
| CVE-2008-6212 | Php-Stats "admin.php" 多个跨站脚本攻击漏洞 | |
| CVE-2008-6205 | Xaaaaav38 URLStreet 'seeurl.php'跨站脚本攻击漏洞 | |
| CVE-2008-6204 | SuperNET Shop 多个远程文件SQL注入漏洞 | |
| CVE-2008-6206 | RobotStats 多个远程文件包含漏洞 | |
| CVE-2008-6202 | Jakob-Persson CoBaLT SQL注入漏洞 | |
| CVE-2008-6201 | KwsPHP Eskuel Module "help.php" 目录遍历漏洞 | |
| CVE-2008-6200 | Wiki Swiki多个跨站脚本攻击漏洞 | |
| CVE-2008-6219 | EMC NetWorker产品nsrexecd.exe RPC请求拒绝服务漏洞 | |
| CVE-2008-6218 | Libpng库png_handle_tEXt()内存泄露漏洞 | |
| CVE-2008-6217 | Extrakt Framework "index.php" 跨站脚本攻击漏洞 | |
| CVE-2008-6216 | Venalsur Booking Centre 'cadena_ofertas_ext.php' SQL注入"漏洞 | |
| CVE-2008-6215 | Venalsur Booking Centre 'cadena_ofertas_ext.php'跨站脚本攻击漏洞 | |
| CVE-2008-6214 | Harlandscripts Pro Traffic One "poll_results.php" SQL注入漏洞 |
Showing top 20 of 51 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2009-0654
No comments yet