what you don't know can hurt you
Showing 1 - 3 of 3 RSS Feed

CVE-2010-1676

Status Candidate

Overview

Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before 0.2.2.20-alpha allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.

Related Files

Gentoo Linux Security Advisory 201101-02
Posted Jan 15, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201101-2 - Tor is vulnerable to a heap-based buffer overflow that may allow arbitrary code execution. Tor contains a heap-based buffer overflow in the processing of user or attacker supplied data. No additional information is available. Versions less than 0.2.1.28 are affected.

tags | advisory, overflow, arbitrary, code execution
systems | linux, gentoo
advisories | CVE-2010-1676
MD5 | ba635482f76ae86287c98195cc7d64e7
Debian Security Advisory 2136-1
Posted Dec 23, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2136-1 - Willem Pinckaers discovered that Tor, a tool to enable online anonymity, does not correctly handle all data read from the network. By supplying specially crafted packets a remote attacker can cause Tor to overflow its heap, crashing the process. Arbitrary code execution has not been confirmed but there is a potential risk.

tags | advisory, remote, overflow, arbitrary, code execution
systems | linux, debian
advisories | CVE-2010-1676
MD5 | 760f792a4130bb4714927bdc93101fd2
TOR Virtual Network Tunneling Tool 0.2.1.28
Posted Dec 20, 2010
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release does some code cleanup to reduce the risk of remotely exploitable bugs. The Common Vulnerabilities and Exposures project has assigned CVE-2010-1676 to this issue.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2010-1676
MD5 | 11e8384414623b50fe50ba7da85893db
Page 1 of 1
Back1Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    12 Files
  • 4
    Jul 4th
    1 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    25 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close