Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 134329 - net-misc/tor: buff overflow; DoS; log spoofing
Summary: net-misc/tor: buff overflow; DoS; log spoofing
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://secunia.com/advisories/20277
Whiteboard: B2 [glsa] Falco
Keywords:
Depends on:
Blocks: 118918
  Show dependency tree
 
Reported: 2006-05-25 07:33 UTC by Raphael Marichez (Falco) (RETIRED)
Modified: 2006-06-07 11:09 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-05-25 07:33:19 UTC
Hi,

Secunia advises to update to version 0.1.1.20.
This may also correct bug 118918 (Information disclosure).

---------------------------------------------


Software:	Tor 0.1.0.x

Description:
Some vulnerabilities and a weakness have been reported in Tor, which can be exploited by malicious people to spoof log entries, disclose certain sensitive information, and cause a DoS (Denial of Service).

1) Input strings received from the network isn't properly sanitised before being displayed. This can potentially be exploited to spoof log entries via certain non-printable characters.

2) An unspecified error in the directory server can be exploited to cause a DoS.

3) Some integer overflow errors exists when adding elements to smartlists. This can potentially be exploited to cause a buffer overflow via malicious large inputs.

4) An error in which internal circuits are picked based on the circuits having useful exit nodes, can potentially reveal certain information via statistical attacks.

The vulnerabilities and weakness have been reported in versions prior to 0.1.1.20.

Note: Several other issues, which may be security related, have also been fixed.

Solution:
Update to version 0.1.1.20.
http://tor.eff.org/download.html

Provided and/or discovered by:
1-3) Reported by vendor.
4) Lasse Overlier

Original Advisory:
http://tor.eff.org/cvs/tor/ChangeLog
Comment 1 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-05-25 07:34:06 UTC
Setting to B2 because of #3 :

3) Some integer overflow errors exists when adding elements to smartlists. This can potentially be exploited to cause a buffer overflow via malicious large inputs.
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2006-05-25 11:07:08 UTC
0.1.1.20 has entry guards so should fix bug 118918 as well.
Comment 3 Thierry Carrez (RETIRED) gentoo-dev 2006-05-30 11:27:52 UTC
humpback, please bump tor
Comment 4 Stefan Cornelius (RETIRED) gentoo-dev 2006-05-31 20:13:55 UTC
Arches please test and mark 0.1.1.20 stable, thank you.

Last bug activity of humpback: 132125: 2006-05-08 05:27:31
So I bumped this myself, without the untested chroot stuff.
Comment 5 Joshua Jackson (RETIRED) gentoo-dev 2006-05-31 22:57:58 UTC
x86 is done. Good old tor.
Comment 6 Markus Rothe (RETIRED) gentoo-dev 2006-05-31 23:44:18 UTC
stable on ppc64
Comment 7 Tobias Scherbaum (RETIRED) gentoo-dev 2006-06-01 11:30:22 UTC
ppc stable
Comment 8 Gustavo Zacarias (RETIRED) gentoo-dev 2006-06-01 13:20:08 UTC
sparc stable.
Comment 9 Simon Stelling (RETIRED) gentoo-dev 2006-06-05 10:07:51 UTC
amd64 staaable
Comment 10 Sune Kloppenborg Jeppesen gentoo-dev 2006-06-07 11:09:50 UTC
GLSA 200606-04