[e-privacy] [Fwd: [Full-disclosure] [ GLSA 200904-11 ] Tor: Multiple vulnerabilities]
vecna
vecna at s0ftpj.org
Thu Apr 9 01:01:24 CEST 2009
Vulnerabilita' su software TOR, forse e' meglio aggiornarlo.
Problemi possibili:
A local attacker could escalate privileges by leveraging unintended
supplementary group memberships of the Tor process. A remote attacker
could exploit these vulnerabilities to cause a heap corruption with
unknown impact and attack vectors, to cause a Denial of Service via CPU
consuption or daemon crash, and to weaken anonymity provided by the
service.
nulla di compromettente per l'anonimato nel senso crittografico, ma
compromettente in quanto rete possibilitamente ostacolabile da attacchi
esterni.
-------------- next part --------------
An embedded message was scrubbed...
From: unknown sender
Subject: no subject
Date: no date
Size: 38
URL: <http://lists.winstonsmith.org/pipermail/e-privacy/attachments/20090409/8351699a/attachment.eml>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
URL: <http://lists.winstonsmith.org/pipermail/e-privacy/attachments/20090409/8351699a/attachment.pgp>
More information about the E-privacy
mailing list