what you don't know can hurt you
Showing 1 - 3 of 3 RSS Feed

CVE-2010-1676

Status Candidate

Overview

Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before 0.2.2.20-alpha allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.

Related Files

Gentoo Linux Security Advisory 201101-02
Posted Jan 15, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201101-2 - Tor is vulnerable to a heap-based buffer overflow that may allow arbitrary code execution. Tor contains a heap-based buffer overflow in the processing of user or attacker supplied data. No additional information is available. Versions less than 0.2.1.28 are affected.

tags | advisory, overflow, arbitrary, code execution
systems | linux, gentoo
advisories | CVE-2010-1676
MD5 | ba635482f76ae86287c98195cc7d64e7
Debian Security Advisory 2136-1
Posted Dec 23, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2136-1 - Willem Pinckaers discovered that Tor, a tool to enable online anonymity, does not correctly handle all data read from the network. By supplying specially crafted packets a remote attacker can cause Tor to overflow its heap, crashing the process. Arbitrary code execution has not been confirmed but there is a potential risk.

tags | advisory, remote, overflow, arbitrary, code execution
systems | linux, debian
advisories | CVE-2010-1676
MD5 | 760f792a4130bb4714927bdc93101fd2
TOR Virtual Network Tunneling Tool 0.2.1.28
Posted Dec 20, 2010
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release does some code cleanup to reduce the risk of remotely exploitable bugs. The Common Vulnerabilities and Exposures project has assigned CVE-2010-1676 to this issue.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2010-1676
MD5 | 11e8384414623b50fe50ba7da85893db
Page 1 of 1
Back1Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    22 Files
  • 20
    Mar 20th
    14 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    17 Files
  • 23
    Mar 23rd
    1 Files
  • 24
    Mar 24th
    1 Files
  • 25
    Mar 25th
    16 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close