Timing Side-Channel Vulnerability in Tor Routerlist

Timing Side-Channel Vulnerability in Tor Routerlist

CVE-2012-3519 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack.

Learn more about our Web Application Penetration Testing UK.