{
  "modified": "2025-08-09T19:01:28Z",
  "published": "2005-08-23T04:00:00Z",
  "id": "CVE-2005-2643",
  "details": "Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and earlier, does not reject certain weak keys when using ephemeral Diffie-Hellman (DH) handshakes, which allows malicious Tor servers to obtain the keys that a client uses for other systems in the circuit.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://archives.seul.org/or/announce/Aug-2005/msg00002.html"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/16424"
    },
    {
      "type": "FIX",
      "url": "http://secunia.com/advisories/16424"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=112448002732443\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1014739"
    }
  ]
}