tor -- buffer overflow

2010-12-21T00:00:00
ID DSA-2136
Type debian
Reporter Debian
Modified 2010-12-21T00:00:00

Description

Willem Pinckaers discovered that Tor, a tool to enable online anonymity, does not correctly handle all data read from the network. By supplying specially crafted packets a remote attacker can cause Tor to overflow its heap, crashing the process. Arbitrary code execution has not been confirmed but there is a potential risk.

In the stable distribution (lenny), this update also includes an update of the IP address for the Tor directory authority gabelmoo and addresses a weakness in the package's postinst maintainer script.

For the stable distribution (lenny) this problem has been fixed in version 0.2.1.26-1~lenny+4.

For the testing distribution (squeeze) and the unstable distribution (sid), this problem has been fixed in version 0.2.1.26-6.

We recommend that you upgrade your tor packages.