Tor is vulnerable to a rewrite vuln on the controlport
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Feisty Backports |
Fix Released
|
Undecided
|
Unassigned | ||
tor (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
Well I already filled out a bugreport about that tor is way to outdated more than 2 months ago and you didn't care. Maybe a security-vuln will change this. Source: http://
Description:
A vulnerability has been reported in Tor, which can be exploited by malicious people to bypass certain security restrictions.
The vulnerability is caused due to the ControlPort (localhost:9051) handling commands without authentication when the first command was not a successful "authenticate" command. This can be exploited to e.g. modify the "torrc" file, when a user views a malicious web page containing a specially crafted POST request or via a malicious tor exit node.
Successful exploitation may compromise a user's anonymity, but requires that the ControlPort is enabled.
The vulnerability is reported in versions prior to 0.1.2.16.
Addition: The control port is activated by default. An exploit also if its just for the windows version has already been released: http://
CVE-2007-4174