Tor 0.1.2.15 ControlPort Missing Authentication Unauthorized Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25188/info Tor is prone to an unauthorized-access vulnerability due to a design error when handling multiple connections to the ControlPort. An attacker can exploit this issue to reconfigure Tor and significantly weaken t...

Tor < 0.1.2.16 ControlPort Remote Rewrite Exploit

No description provided by source. !-- Tor 0.1.2.16 with ControlPort enabled not default Exploit for Tor ControlPort torrc Rewrite Vulnerability http://secunia.com/advisories/26301 Rewrites the torrc to log to a different location: C:\Documents and Settings\All Users\Start...

Tor &lt; 0.1.2.16 ControlPort Remote Rewrite Exploit

No description provided by source. !-- Tor 0.1.2.16 with ControlPort enabled not default Exploit for Tor ControlPort "torrc" Rewrite Vulnerability http://secunia.com/advisories/26301...

tor01216-rewrite.txt

t.bat which will run calc.exe on next boot. This is not very silent though, t.bat will contain something like 45 rows of crap which the user will see in about 1 sec, drop me a mail if you have a better way. Either have a TOR user visit this HTML or inject it into her traffic when you're a TOR exi...

Tor < 0.1.2.16 ControlPort Remote Rewrite Exploit

Exploit for unknown platform in category remote exploits ================================================= Tor t.bat which will run calc.exe on next boot. This is not very silent though, t.bat will contain something like 45 rows of crap which the user will see in about 1 sec, drop me a mail if yo...

Tor 0.1.2.16 - ControlPort Remote Rewrite

Tor 0.1.2.16 - ControlPort Remote Rewrite t.bat which will run calc.exe on next boot. This is not very silent though, t.bat will contain something like 45 rows of crap which the user will see in about 1 sec, drop me a mail if you have a better way. Either have a TOR user visit this HTML or inject...

Tor &lt; 0.1.2.16 - ControlPort Remote Rewrite

t.bat which will run calc.exe on next boot. This is not very silent though, t.bat will contain something like 45 rows of crap which the user will see in about 1 sec, drop me a mail if you have a better way. Either have a TOR user visit this HTML or inject it into her traffic when you're a TOR exi...

Tor ControlPort功能torrc配置文件重写漏洞

BUGTRAQ ID: 25188 Tor是一个工具集，帮助各类组织和个人增强互联网上活动的安全。 Tor在处理特定的连接功能时存在漏洞，远程攻击者可能利用此漏洞非授权获取访问。 如果启用了Tor中的ControlPort功能的话，则在处理到ControlPort的多个连接时远程攻击者可以在某些情况下非授权重写用户的torrc配置文件，这可能弱化软件所提供的匿名服务。 Tor 0.1.2.15 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://tor.eff.org/download.html.en...

CVE-2007-4174

Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote attackers to modify the torrc configuration file, compromise anonymity, and have other unspecified impact via HTTP POST data containing commands without valid...

CVE-2007-4174

Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote attackers to modify the torrc configuration file, compromise anonymity, and have other unspecified impact via HTTP POST data containing commands without valid...

CVE-2007-4174

CVE-2007-4174 affects Tor prior to 0.1.2.16, where enabling ControlPort allows remote commands to be sent via HTTP POST without authentication to localhost port 9051, enabling modification of torrc and potential anonymity compromise. Public feeds confirm the issue and reference Fedora advisories ...

CVE-2007-4174

Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote attackers to modify the torrc configuration file, compromise anonymity, and have other unspecified impact via HTTP POST data containing commands without valid...

CVE-2007-4174

Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote attackers to modify the torrc configuration file, compromise anonymity, and have other unspecified impact via HTTP POST data containing commands without valid...

Tor 0.1.2.15 - ControlPort Missing Authentication Unauthorized Access

Tor 0.1.2.15 - ControlPort Missing Authentication Unauthorized Access source: https://www.securityfocus.com/bid/25188/info Tor is prone to an unauthorized-access vulnerability due to a design error when handling multiple connections to the ControlPort. An attacker can exploit this issue to...

Tor 0.1.2.15 - ControlPort Missing Authentication Unauthorized Access

source: https://www.securityfocus.com/bid/25188/info Tor is prone to an unauthorized-access vulnerability due to a design error when handling multiple connections to the ControlPort. An attacker can exploit this issue to reconfigure Tor and significantly weaken the anonymity provided by the...