TITLE:
Tor Two Weaknesses

SECUNIA ADVISORY ID:
SA33025

VERIFY ADVISORY:
http://secunia.com/advisories/33025/

CRITICAL:
Not critical

IMPACT:
Security Bypass, Privilege escalation

WHERE:
From remote

SOFTWARE:
Tor 0.2.0.x
http://secunia.com/advisories/product/20669/

DESCRIPTION:
Two weaknesses have been reported in Tor, which can be exploited by malicious, local users to potentially perform certain actions with escalated privileges or by malicious people to bypass certain security restrictions.

1) The application does not properly drop privileges to the primary groups of the user specified via the "User" parameter. This may result in the tor process running with higher privileges than intended.

Note: This may affect UNIX like operating systems only.

2) The "ClientDNSRejectInternalAddresses" configuration option is not always enforced, which weakens the security and could open a vector for further attacks.

SOLUTION:
Update to version 0.2.0.32.
https://www.torproject.org/download.html

PROVIDED AND/OR DISCOVERED BY:
1) Theo de Raadt
2) rovv

ORIGINAL ADVISORY:
http://blog.torproject.org/blog/tor-0.2.0.32-released
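Weakness 1 is a privilege-drop defect: the group side of the switch to the "User" account was not completed. The following is an added example, not Tor's code and not part of the advisory, of a drop that handles groups before the uid and then verifies every credential. The function names are hypothetical, and it assumes the account should keep only its primary group.

```c
#include <grp.h>
#include <pwd.h>
#include <sys/types.h>
#include <unistd.h>

#define MAX_GROUPS 64

struct creds {
    uid_t ruid, euid;
    gid_t rgid, egid;
    int ngroups;
    gid_t groups[MAX_GROUPS];
};

/* Snapshot the calling process's credentials. Returns 0 on success. */
int read_creds(struct creds *c) {
    c->ruid = getuid();  c->euid = geteuid();
    c->rgid = getgid();  c->egid = getegid();
    c->ngroups = getgroups(MAX_GROUPS, c->groups);
    return c->ngroups < 0 ? -1 : 0;
}

/* 1 only if every uid/gid, including each supplementary group, is the target's. */
int creds_confined(const struct creds *c, uid_t uid, gid_t gid) {
    if (c->ruid != uid || c->euid != uid) return 0;
    if (c->rgid != gid || c->egid != gid) return 0;
    for (int i = 0; i < c->ngroups; i++)
        if (c->groups[i] != gid) return 0;   /* leftover group, e.g. root's */
    return 1;
}

/* Must run as root. Order matters: groups first, uid last, because
 * setgroups() and setgid() need the privileges that setuid() gives up. */
int drop_privileges(const char *user) {
    struct passwd *pw = getpwnam(user);
    struct creds after;
    if (!pw) return -1;
    if (setgroups(1, &pw->pw_gid) != 0) return -1;    /* clear inherited groups */
    if (setgid(pw->pw_gid) != 0) return -1;           /* real, effective, saved gid */
    if (setuid(pw->pw_uid) != 0) return -1;           /* real, effective, saved uid */
    if (pw->pw_uid != 0 && setuid(0) == 0) return -1; /* root must be unrecoverable */
    if (read_creds(&after) != 0) return -1;
    return creds_confined(&after, pw->pw_uid, pw->pw_gid) ? 0 : -1;
}
```

A caller should treat any non-zero return as fatal and exit rather than continue with partially dropped privileges.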