Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 559028 - <net-misc/tor-0.2.7.6: Logging malformed hostnames in socks5 requests leaks sensitive information
Summary: <net-misc/tor-0.2.7.6: Logging malformed hostnames in socks5 requests leaks s...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B4 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2015-08-28 12:08 UTC by Agostino Sarubbo
Modified: 2016-07-01 04:34 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2015-08-28 12:08:56 UTC
From ${URL} :

A bug was found in src/or/buffers.c::parse_socks(), where escaped() function on the request address is used rather than escaped_safe_str_client(). When a socks5 client application sends a request with a malformed hostname, the full hostaname is logged, while 
rejecting the connection, instead of logging [scrubbed] name, respecting the SafeLogging configuration.

Upstream patch:

https://gitweb.torproject.org/tor.git/commit/?id=19df037e53331ae528b876f225be08f198e0f8b6


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Anthony Basile gentoo-dev 2016-01-12 22:16:54 UTC
this is an old but which has long been fixed.
Comment 2 Anthony Basile gentoo-dev 2016-07-01 03:22:12 UTC
(In reply to Anthony Basile from comment #1)
> this is an old but which has long been fixed.

since security is running around p.masking stuff, let me put it very cleary that THIS IS LONG FIXED.  Don't p.mask.
Comment 3 Aaron Bauman (RETIRED) gentoo-dev 2016-07-01 04:34:03 UTC
Fix has been confirmed to be in the =net-misc/tor-0.2.7.6 source.

1826             log_warn(LD_PROTOCOL,
1827                      "Your application (using socks5 to port %d) gave Tor "
1828                      "a malformed hostname: %s. Rejecting the connection.",
1829                      req->port, escaped_safe_str_client(req->address));
1830             return -1;
1831           }



GLSA Vote: No