[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor < 0.1.2.16 ControlPort Remote Rewrite Exploit

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Tor < 0.1.2.16 ControlPort Remote Rewrite Exploit
From: "Kyle Williams" <kyle.kwilliams@xxxxxxxxx>
Date: Sat, 29 Sep 2007 15:11:34 -0700
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sat, 29 Sep 2007 18:11:44 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=PfJRKL6poVkDn7hcf3BnhLLOVOXbFyrvMJBycUUi/oU=; b=adhC4PuimEwnWpnaJAOuDKdvfFfovZ/BpL3Ndv2u5/As3YQv286VLqwlHPKOVHwRhaqP1GkBjFggZWOVXnfXHxId+V/nbfUQaWc+VSSbEP+XMszaSuOTZLR3nDST4yGZGE0Noz9Reihz7vb1yevbe2y5iy2ehjZs5MnGyUaRF0M=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=OX4zKy695GI4GGHJ746YCOYLw04vu6rHntHe5ZytvS9eFYaTV6rcVEvEZcnAiF38Ya56T8H+J/fBLNWRKiyMdLv5l5LuoVjGOfWCbkMwUAG5jmODlWnnnP6iraGPMwySj0zDNYNAI3k1pm1TMmFg0URYgtO3fFfPsitc4g/0KSw=
In-reply-to: <20070929.142551.12468.0@xxxxxxxxxxxxxxxxxxxxxx>
References: <20070929.142551.12468.0@xxxxxxxxxxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On 9/29/07, Paul Ferguson <fergdawg@xxxxxxxxxxx> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

A Proof-of-Concept exploit is now circulating:

http://www.milw0rm.com/exploits/4468

Needless to say, people are encourage to run 0.1.2.17 or better. :-)

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFG/sLSq1pz9mNUZTMRAjLzAJ9keMavFeEB0nDmvL1uhNBdrmAvpgCfSUdS
ybz+X1lVZKtkTtFVTCBUzk4=
=Qz2y
-----END PGP SIGNATURE-----

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/

Also,
http://secunia.com/advisories/26301

I like how they labeled it "Moderately critical"...that's an understatement.

Looks like the cat is really out of the bag now, time to post the full write up I've been sitting on.
It's been 8 weeks now, so if you haven't update Tor, then you should do that ASAP.

References:
- Tor < 0.1.2.16 ControlPort Remote Rewrite Exploit
  - From: Paul Ferguson

Prev by Author: Re: Maone wrote: "Today’s lesson is: if you want to stay anonymous, you’d better turn off Java, Flash and any other plugin!"
Next by Author: Re: Maone wrote: "Today’s lesson is: if you want to stay anonymous, you’d better turn off Java, Flash and any other plugin!"
Previous by thread: Tor < 0.1.2.16 ControlPort Remote Rewrite Exploit
Next by thread: sequence of reachability testing for DirPort and ORPort
Index(es):
- Author
- Thread