SB2011101802 - Gentoo update for Tor




Published: October 18, 2011
Updated: January 12, 2023

Security Bulletin ID: SB2011101802
Severity: Medium
Patch available: YES
Number of vulnerabilities: 8
Exploitation vector: Remote access
Highest impact: Data manipulation

Breakdown by Severity

Medium 13%, Low 88%

Description

This security bulletin contains information about 8 security vulnerabilities.


1) Input validation error (CVE-ID: CVE-2011-0015)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly check the amount of compression in zlib-compressed data, which allows remote attackers to cause a denial of service via a large compression factor.
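The missing check described above can be illustrated with an added example (not code from this bulletin or from Tor): decompress in bounded steps and reject input whose expansion factor or total size passes a limit. The limit values and the names `safe_decompress` and `CompressionBombError` are assumptions chosen for illustration.

```python
import zlib

# Assumed limits for this sketch, not values taken from the bulletin.
MAX_FACTOR = 25            # largest tolerated output/input ratio
CHECK_AFTER = 64 * 1024    # ignore the ratio until this much output exists
MAX_OUTPUT = 1 << 20       # absolute ceiling on decompressed bytes
CHUNK = 4096               # inflate in small steps so limits trip early


class CompressionBombError(ValueError):
    """Input expanded past the configured limits."""


def _check(out_len, in_len, max_factor, max_output):
    if out_len > max_output:
        raise CompressionBombError("decompressed size exceeds ceiling")
    if out_len > CHECK_AFTER and out_len > max_factor * max(in_len, 1):
        raise CompressionBombError("compression factor too large")


def safe_decompress(data, max_factor=MAX_FACTOR, max_output=MAX_OUTPUT):
    """Inflate zlib data, aborting as soon as the expansion looks abusive."""
    d = zlib.decompressobj()
    out = bytearray()
    for off in range(0, len(data), CHUNK):
        buf = data[off:off + CHUNK]
        end = off + len(buf)
        while buf and not d.eof:
            # max_length bounds each step, so memory never jumps unchecked.
            out += d.decompress(buf, CHUNK)
            buf = d.unconsumed_tail
            _check(len(out), end - len(buf), max_factor, max_output)
    out += d.flush()
    _check(len(out), len(data), max_factor, max_output)
    if not d.eof:
        raise ValueError("truncated or incomplete zlib stream")
    return bytes(out)


if __name__ == "__main__":
    # Constructed sample inputs: a small document and 8 MiB of zeros.
    doc = zlib.compress(b"router example 192.0.2.1 9001\n" * 8)
    print(len(safe_decompress(doc)))
    try:
        safe_decompress(zlib.compress(b"\0" * (8 << 20)))
    except CompressionBombError as exc:
        print("rejected:", exc)
```

The ratio test is skipped for small outputs so that short, highly repetitive but legitimate inputs are not rejected.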


2) Resource management error (CVE-ID: CVE-2011-0016)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly manage key data in memory, which might allow local users to obtain sensitive information by leveraging the ability to read memory that was previously used by a different process.


3) Heap-based buffer overflow (CVE-ID: CVE-2011-0427)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha. A remote attacker can use unspecified vectors to trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


4) Input validation error (CVE-ID: CVE-2011-0490)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha makes calls to Libevent within Libevent log handlers, which might allow remote attackers to cause a denial of service (daemon crash) via vectors that trigger certain log messages.


5) Input validation error (CVE-ID: CVE-2011-0491)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not validate a certain size value during memory allocation, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors, related to "underflow errors."


6) Resource management error (CVE-ID: CVE-2011-0492)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (assertion failure and daemon exit) via blobs that trigger a certain file size, as demonstrated by the cached-descriptors.new file.


7) Input validation error (CVE-ID: CVE-2011-0493)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow remote attackers to cause a denial of service (assertion failure and daemon exit) via vectors related to malformed router caches and improper handling of integer values.


8) Buffer overflow (CVE-ID: CVE-2011-1924)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Buffer overflow in the policy_summarize function in or/policies.c in Tor before 0.2.1.30 allows remote attackers to cause a denial of service (directory authority crash) via a crafted policy that triggers creation of a long port list.


Remediation

Install the update from the vendor's website.