Release date:
Updated on:
Affected Systems:
Tor <0.2.1.28
Description:
--------------------------------------------------------------------------------
Bugtraq id: 45500
Cve id: CVE-2010-1676
Tor is a free software and an open network that prevents threats to personal freedom and privacy, confidential business activities, and national security.
An input verification vulnerability exists in Tor implementation. Attackers can exploit this vulnerability to execute arbitrary code in affected applications, resulting in DOS control of affected systems.
<* Source: Willem Pinckaers
Link: http://archives.seul.org/or/announce/Dec-2010/msg00000.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Tor
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://tor.eff.org/