EUVD-2023-27689

Malicious code in bioql PyPI...

Advisory ROSA-SA-2023-2219

software: tor 0.4.6.10 OS: ROSA-CHROME packageevrstring: tor-0.4.6.10-2.src.rpm CVE-ID: CVE-2023-23589 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: The SafeSocks option in Tor before version 0.4.7.13 has a logic error that can use the insecure SOCKS4 protocol, but not the secure SOCKS4a protocol, aka...

Debian dla-3286 : tor - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3286 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3286-1 [email protected] https://www.debian.org/lts/security/...

[SECURITY] [DLA 3286-1] tor security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3286-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz January 28, 2023 https://wiki.debian.org/LTS -...

MGASA-2023-0017 Updated tor packages fix security vulnerability

SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. CVE-2023-23589...

Updated tor packages fix security vulnerability

SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. CVE-2023-23589...

Debian DSA-5320-1 : tor - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5320 advisory. A logic error was discovered in the implementation of the SafeSocks option of Tor, a connection-based low- latency anonymous communication system, which did result in...

[SECURITY] [DSA 5320-1] tor security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5320-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 16, 2023 https://www.debian.org/security/faq -...

PT-2023-35502 · Tor · Tor

Name of the Vulnerable Software and Affected Versions: tor versions 0.4.7.12 through 0.4.7.13 Description: The issue concerns a fix for the SafeSocks option to avoid DNS leaks. Additionally, there are improvements to congestion control and fixes for relay channel handling. New metrics are also...

CVE-2023-23589

The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002...

DEBIAN-CVE-2023-23589

The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002...

CVE-2023-23589

The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002...

Design/Logic Flaw

The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002...

CVE-2023-23589

The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002...

Tor 安全漏洞

Tor is a network of virtual tunnels. It allows individuals and groups to increase their privacy and security on the Internet. A security vulnerability exists in versions prior to Tor 0.4.7.13, which stems from a logic error in the SafeSocks option that allows the use of the insecure SOCKS4 protoc...

CVE-2023-23589

The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002...

CVE-2023-23589

The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002...

FreeBSD : security/tor -- SOCKS4(a) inversion bug (847f16e5-9406-11ed-a925-3065ec8fd3ec)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 847f16e5-9406-11ed-a925-3065ec8fd3ec advisory. - The Tor Project reports: TROVE-2022-002: The SafeSocks option for SOCKS4a is inverted leading to SOCK...

PT-2023-19061 · Tor +1 · Tor +1

Name of the Vulnerable Software and Affected Versions: Tor versions prior to 0.4.7.13 Description: The issue is related to a logic error in the SafeSocks option, where the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol. Recommendations: For versions prior to 0.4.7.13, update...

CVE-2023-23589

CVE-2023-23589 concerns Tor’s SafeSocks option. A logic error lets unsafe SOCKS4 traffic pass while blocking the safe SOCKS4a path (TROVE-2022-002). Affected: Tor before 0.4.7.13 (various distributions reference this vulnerability in advisories and security updates). Impact stated in sources: exp...