[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: critical security vulnaribility fixed in Tor 0.1.2.16



Please describe a little bit. "You're wrong" is not a good answer.
Please describe how someone can reach port 9051 behind a firewall. Or is the attack not done by connecting to the control port 9051? Is it done by connecting to the advertised port? (in my case 995)

/Viking


coderman skrev:
On 8/4/07, vikingserver@xxxxxxxxx <vikingserver@xxxxxxxxx> wrote:
  
 ...
 To my understanding any Tor client or server behind a well-configured
physical firewall aren't vulnerable to this type of attack.
...
 (Please tell me if I'm wrong.
    

you're wrong.  upgrade to the latest version (0.1.2.16 or
0.2.0.4-alpha) to avoid this type of attack.

best regards,