what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2012-4419

Status Candidate

Overview

The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison.

Related Files

Mandriva Linux Security Advisory 2013-132
Posted Apr 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-132 - Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had selected. Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE and CREATE_FAST values in the Command field of a cell within an OR connection that it initiated, which allows remote relays to enumerate bridges by using these values. Various other vulnerabilities have been addressed.

tags | advisory, remote, vulnerability
systems | linux, mandriva
advisories | CVE-2011-2768, CVE-2011-2769, CVE-2012-3517, CVE-2012-3518, CVE-2012-3519, CVE-2012-4419, CVE-2012-5573
SHA-256 | 5ee102c8464d210c11eb70256fe5f9fdeb5edd501b3b5eb68b0590a9bb1f0ee1
Gentoo Linux Security Advisory 201301-03
Posted Jan 9, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201301-3 - Multiple vulnerabilities have been found in Tor, allowing attackers to cause Denial of Service or obtain sensitive information. Versions less than 0.2.3.25 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2012-3517, CVE-2012-3518, CVE-2012-3519, CVE-2012-4419, CVE-2012-4922, CVE-2012-5573
SHA-256 | 1ce5e4fcdcb2acbdce162b2be890b3cc7a74c271c3e1885443f9c9b318d98138
Debian Security Advisory 2548-1
Posted Sep 14, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2548-1 - Severel vulnerabilities have been discovered in Tor, an online privacy tool.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-3518, CVE-2012-3519, CVE-2012-4419
SHA-256 | 7c12c1bb198059f418d98a783d17c970ceac8c78f4b178312dd97b0621450b41
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    14 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close