11 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-23589
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka...
Debian dla-3286 : tor - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3286 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3286-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DLA 3286-1] tor security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3286-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz January 28, 2023 https://wiki.debian.org/LTS -...
Updated tor packages fix security vulnerability
SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. CVE-2023-23589...
MGASA-2023-0017 Updated tor packages fix security vulnerability
SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. CVE-2023-23589...
Fedora 36 : tor (2023-1254a1fc28)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-1254a1fc28 advisory. update to latest upstream release Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Debian DSA-5320-1 : tor - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5320 advisory. A logic error was discovered in the implementation of the SafeSocks option of Tor, a connection-based low- latency anonymous communication system, which did result in...
[SECURITY] [DSA 5320-1] tor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5320-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 16, 2023 https://www.debian.org/security/faq -...
CVE-2023-23589
The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002...
CVE-2023-23589
The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002...
CVE-2023-23589
CVE-2023-23589 concerns Tor’s SafeSocks option. A logic error lets unsafe SOCKS4 traffic pass while blocking the safe SOCKS4a path (TROVE-2022-002). Affected: Tor before 0.4.7.13 (various distributions reference this vulnerability in advisories and security updates). Impact stated in sources: exp...