Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 134329

Summary: net-misc/tor: buff overflow; DoS; log spoofing
Product: Gentoo Security Reporter: Raphael Marichez (Falco) (RETIRED) <falco>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: humpback
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://secunia.com/advisories/20277
Whiteboard: B2 [glsa] Falco
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 118918    

Description Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-05-25 07:33:19 UTC 
Hi,

Secunia advises to update to version 0.1.1.20.
This may also correct bug 118918 (Information disclosure).

---------------------------------------------


Software:	Tor 0.1.0.x

Description:
Some vulnerabilities and a weakness have been reported in Tor, which can be exploited by malicious people to spoof log entries, disclose certain sensitive information, and cause a DoS (Denial of Service).

1) Input strings received from the network isn't properly sanitised before being displayed. This can potentially be exploited to spoof log entries via certain non-printable characters.

2) An unspecified error in the directory server can be exploited to cause a DoS.

3) Some integer overflow errors exists when adding elements to smartlists. This can potentially be exploited to cause a buffer overflow via malicious large inputs.

4) An error in which internal circuits are picked based on the circuits having useful exit nodes, can potentially reveal certain information via statistical attacks.

The vulnerabilities and weakness have been reported in versions prior to 0.1.1.20.

Note: Several other issues, which may be security related, have also been fixed.

Solution:
Update to version 0.1.1.20.
http://tor.eff.org/download.html

Provided and/or discovered by:
1-3) Reported by vendor.
4) Lasse Overlier

Original Advisory:
http://tor.eff.org/cvs/tor/ChangeLog
Comment 1 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-05-25 07:34:06 UTC 
Setting to B2 because of #3 :

3) Some integer overflow errors exists when adding elements to smartlists. This can potentially be exploited to cause a buffer overflow via malicious large inputs.
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2006-05-25 11:07:08 UTC 
0.1.1.20 has entry guards so should fix bug 118918 as well.
Comment 3 Thierry Carrez (RETIRED) gentoo-dev 2006-05-30 11:27:52 UTC 
humpback, please bump tor
Comment 4 Stefan Cornelius (RETIRED) gentoo-dev 2006-05-31 20:13:55 UTC 
Arches please test and mark 0.1.1.20 stable, thank you.

Last bug activity of humpback: 132125: 2006-05-08 05:27:31
So I bumped this myself, without the untested chroot stuff.
Comment 5 Joshua Jackson (RETIRED) gentoo-dev 2006-05-31 22:57:58 UTC 
x86 is done. Good old tor.
Comment 6 Markus Rothe (RETIRED) gentoo-dev 2006-05-31 23:44:18 UTC 
stable on ppc64
Comment 7 Tobias Scherbaum (RETIRED) gentoo-dev 2006-06-01 11:30:22 UTC 
ppc stable
Comment 8 Gustavo Zacarias (RETIRED) gentoo-dev 2006-06-01 13:20:08 UTC 
sparc stable.
Comment 9 Simon Stelling (RETIRED) gentoo-dev 2006-06-05 10:07:51 UTC 
amd64 staaable
Comment 10 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-06-07 11:09:50 UTC 
GLSA 200606-04