[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Tor < 0.1.2.16 ControlPort Remote Rewrite Exploit

To: or-talk@xxxxxxxxxxxxx
Subject: Tor < 0.1.2.16 ControlPort Remote Rewrite Exploit
From: "Paul Ferguson" <fergdawg@xxxxxxxxxxx>
Date: Sat, 29 Sep 2007 21:25:51 GMT
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sat, 29 Sep 2007 17:27:42 -0400
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

A Proof-of-Concept exploit is now circulating:

 http://www.milw0rm.com/exploits/4468

Needless to say, people are encourage to run 0.1.2.17 or better. :-)

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFG/sLSq1pz9mNUZTMRAjLzAJ9keMavFeEB0nDmvL1uhNBdrmAvpgCfSUdS
ybz+X1lVZKtkTtFVTCBUzk4=
=Qz2y
-----END PGP SIGNATURE-----



--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/

Follow-Ups:
- Re: Tor < 0.1.2.16 ControlPort Remote Rewrite Exploit
  - From: Kyle Williams

Prev by Author: Re: Odd tor spam - Storm Worm
Next by Author: Re: A Tor Typo
Previous by thread: [ANNOUNCE] Incognito CD/USB 20070824.2 released
Next by thread: Re: Tor < 0.1.2.16 ControlPort Remote Rewrite Exploit
Index(es):
- Author
- Thread