Gentoo update for Tor
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2011-2768 CVE-2011-2769 CVE-2011-2778 |
| CWE-ID | CWE-264 CWE-200 CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Gentoo Linux Operating systems & Components / Operating system |
| Vendor | Gentoo |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU44434
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2011-2768
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had selected.
MitigationUpdate the affected packages.
net-misc/tor to version: 0.2.2.35
Gentoo Linux: All versions
CPE2.3 External linkshttps://security.gentoo.org/
https://security.gentoo.org/glsa/201201-12
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU44435
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2011-2769
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE and CREATE_FAST values in the Command field of a cell within an OR connection that it initiated, which allows remote relays to enumerate bridges by using these values.
MitigationUpdate the affected packages.
net-misc/tor to version: 0.2.2.35
Gentoo Linux: All versions
CPE2.3 External linkshttps://security.gentoo.org/
https://security.gentoo.org/glsa/201201-12
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU44429
Risk: Medium
CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2011-2778
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS connection to SocksPort or (2) leveraging a SOCKS proxy configuration.
MitigationUpdate the affected packages.
net-misc/tor to version: 0.2.2.35
Gentoo Linux: All versions
CPE2.3 External linkshttps://security.gentoo.org/
https://security.gentoo.org/glsa/201201-12
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
