SECURITYVULNS:DOC:12814
May 25, 2006 - 12:00 a.m.

[SA20277] Tor Weakness and Multiple Vulnerabilities

TITLE:
Tor Weakness and Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA20277

VERIFY ADVISORY:
http://secunia.com/advisories/20277/

CRITICAL:
Moderately critical

IMPACT:

WHERE:
From remote

SOFTWARE:
Tor 0.1.0.x
http://secunia.com/product/5269/

DESCRIPTION:
Some vulnerabilities and a weakness have been reported in Tor, which
can be exploited by malicious people to spoof log entries, disclose
certain sensitive information, and cause a DoS (Denial of Service).

1) Input strings received from the network aren't properly sanitised
before being displayed. This can potentially be exploited to spoof
log entries via certain non-printable characters.

2) An unspecified error in the directory server can be exploited to
cause a DoS.

3) Some integer overflow errors exist when adding elements to
smartlists. This can potentially be exploited to cause a buffer
overflow via maliciously large inputs.

4) An error in the way internal circuits are picked, based on the
circuits having useful exit nodes, can potentially reveal certain
information via statistical attacks.

The vulnerabilities and weakness have been reported in versions prior
to 0.1.1.20.

Note: Several other issues, which may be security related, have also
been fixed.
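
The integer-overflow class described in item 3, shown as an overflow-checked growth routine for a growable pointer list. This is an added example, not Tor's smartlist code and not the vendor's fix; `ptrlist_t`, `ptrlist_next_cap`, `ptrlist_add` and `PTRLIST_MAX` are hypothetical names chosen for illustration.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical growable pointer list; names are illustrative, not Tor's. */
typedef struct {
    void **items;
    size_t used;
    size_t cap;
} ptrlist_t;

/* Largest element count whose byte size still fits in size_t. */
#define PTRLIST_MAX (SIZE_MAX / sizeof(void *))

/* Compute a capacity >= needed by doubling from cur.
 * Returns 0 and stores the result in *out, or -1 if the requested
 * element count could not be allocated without the size wrapping. */
int ptrlist_next_cap(size_t cur, size_t needed, size_t *out)
{
    size_t cap = cur ? cur : 16;
    if (needed > PTRLIST_MAX)
        return -1;
    while (cap < needed) {
        if (cap > PTRLIST_MAX / 2) {   /* doubling would pass the limit */
            cap = PTRLIST_MAX;
            break;
        }
        cap *= 2;
    }
    *out = cap;
    return 0;
}

/* Append one element. Returns 0 on success, -1 on overflow or
 * allocation failure; the list is left unchanged on failure. */
int ptrlist_add(ptrlist_t *l, void *elem)
{
    if (l->used == l->cap) {
        size_t cap;
        void **p;
        /* Check the count before computing used + 1 so it cannot wrap. */
        if (l->used >= PTRLIST_MAX ||
            ptrlist_next_cap(l->cap, l->used + 1, &cap) < 0)
            return -1;
        p = realloc(l->items, cap * sizeof(void *));
        if (!p)
            return -1;
        l->items = p;
        l->cap = cap;
    }
    l->items[l->used++] = elem;
    return 0;
}
```

Without the two limit checks, a wrapped capacity or byte count would make `realloc` return a buffer smaller than `used` implies, and the final store would write past it.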

SOLUTION:
Update to version 0.1.1.20.
http://tor.eff.org/download.html

PROVIDED AND/OR DISCOVERED BY:
1-3) Reported by vendor.
4) Lasse Overlier

ORIGINAL ADVISORY:
http://tor.eff.org/cvs/tor/ChangeLog

