10 matches found
EUVD-2023-27689
Malicious code in bioql PyPI...
Advisory ROSA-SA-2023-2219
software: tor 0.4.6.10 OS: ROSA-CHROME packageevrstring: tor-0.4.6.10-2.src.rpm CVE-ID: CVE-2023-23589 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: The SafeSocks option in Tor before version 0.4.7.13 has a logic error that can use the insecure SOCKS4 protocol, but not the secure SOCKS4a protocol, aka...
Debian dla-3286 : tor - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3286 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3286-1 [email protected] https://www.debian.org/lts/security/...
Updated tor packages fix security vulnerability
SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. CVE-2023-23589...
Debian DSA-5320-1 : tor - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5320 advisory. A logic error was discovered in the implementation of the SafeSocks option of Tor, a connection-based low- latency anonymous communication system, which did result in...
CVE-2023-23589
The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002...
Design/Logic Flaw
The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002...
CVE-2023-23589
The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002...
CVE-2023-23589
CVE-2023-23589 concerns Tor’s SafeSocks option. A logic error lets unsafe SOCKS4 traffic pass while blocking the safe SOCKS4a path (TROVE-2022-002). Affected: Tor before 0.4.7.13 (various distributions reference this vulnerability in advisories and security updates). Impact stated in sources: exp...
FreeBSD : security/tor -- SOCKS4(a) inversion bug (847f16e5-9406-11ed-a925-3065ec8fd3ec)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 847f16e5-9406-11ed-a925-3065ec8fd3ec advisory. - The Tor Project reports: TROVE-2022-002: The SafeSocks option for SOCKS4a is inverted leading to SOCK...