CVE-2015-7665 — MEDIUM (5.3)

Q: How severe is CVE-2015-7665?

CVE-2015-7665 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-7665?

Check the references section above for vendor advisories and patch information. Affected products include: Tails Project Tails.

Vulnerability Description

Tails before 1.7 includes the wget program but does not prevent automatic fallback from passive FTP to active FTP, which allows remote FTP servers to discover the Tor client IP address by reading a (1) PORT or (2) EPRT command. NOTE: within wget itself, the automatic fallback is not considered a vulnerability by CVE.

CVSS Score

5.3

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Tails Project	Tails	<= 1.6

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2015-7665?

CVE-2015-7665 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Tails before 1.7 includes the wget program but does not prevent automatic fallback from passive FTP to active FTP, which allows remote FTP servers to discover the Tor client IP address by reading a (1...

How severe is CVE-2015-7665?

CVE-2015-7665 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-7665?

Check the references section above for vendor advisories and patch information. Affected products include: Tails Project Tails.