Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 275628 (CVE-2009-2425) - <net-misc/tor- and <net-misc/tor- DoS, Spoofing (CVE-2009-{2425,2426})
Summary: <net-misc/tor- and <net-misc/tor- DoS, Spoofing (CVE-2009...
Alias: CVE-2009-2425
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
Whiteboard: B3 [noglsa]
Depends on:
Reported: 2009-06-27 18:38 UTC by Alex Legler (RETIRED)
Modified: 2009-07-12 11:21 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2009-06-27 18:38:41 UTC
From Secunia:

1) An error exists when parsing certain malformed router descriptors and can be exploited to crash Tor via specially crafted router descriptors.

2) An error within the "connection_edge_process_relay_cell_not_open()" function in src/or/relay.c can be exploited by malicious exit relays to spoof that a client's DNS request resolves to an internal IP address.

The vulnerabilities are reported in versions prior to Other versions may also be affected.
Comment 1 Christian Faulhammer (RETIRED) gentoo-dev 2009-06-28 13:36:59 UTC
Dear arches please stabilise 

Target KEYWORDS="amd64 ppc ppc64 sparc x86 ~x86-fbsd

x86 already done.
Comment 2 Christian Faulhammer (RETIRED) gentoo-dev 2009-06-29 10:03:28 UTC
This also affects net-misc/tor- which was hard masked in the also bumped
Comment 3 Markus Meier gentoo-dev 2009-06-29 20:50:58 UTC
amd64 stable
Comment 4 Raúl Porcel (RETIRED) gentoo-dev 2009-06-30 14:12:53 UTC
sparc stable
Comment 5 Brent Baude (RETIRED) gentoo-dev 2009-06-30 21:50:43 UTC
ppc64 done
Comment 6 Stefan Behte (RETIRED) gentoo-dev Security 2009-07-10 23:34:55 UTC
CVE-2009-2425 (
  Tor before allows remote attackers to cause a denial of
  service (application crash) via a malformed router descriptor.

CVE-2009-2426 (
  The connection_edge_process_relay_cell_not_open function in
  src/or/relay.c in Tor 0.2.x before and 0.1.x before allows exit relays to have an unspecified impact by
  causing controllers to accept DNS responses that redirect to an
  internal IP address via unknown vectors.  NOTE: some of these details
  are obtained from third party information.

Comment 7 Joe Jezak (RETIRED) gentoo-dev 2009-07-12 01:04:20 UTC
Marked ppc stable, closing since we're the last arch.
Comment 8 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2009-07-12 08:25:38 UTC
(In reply to comment #7)
> Marked ppc stable, closing since we're the last arch.

Please don't close security bugs after stabling, thanks :)

GLSA voting: NO.
Comment 9 Stefan Behte (RETIRED) gentoo-dev Security 2009-07-12 11:21:08 UTC
NO, too. Closing.