FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

tor -- remote code execution and crash

Affected packages
tor < 0.2.1.29
tor-devel < 0.2.2.21.a

Details

VuXML ID 38bdf10e-2293-11e0-bfa4-001676740879
Discovery 2011-01-15
Entry 2011-01-17

The Tor Project reports:

A remote heap overflow vulnerability that can allow remote code execution. Other fixes address a variety of assert and crash bugs, most of which we think are hard to exploit remotely. All Tor users should upgrade.

[source]

References

Bugtraq ID 45832
CVE Name CVE-2011-0427
FreeBSD PR ports/154099
Message 20110117155813.GG3300@moria.seul.org
URL https://gitweb.torproject.org/tor.git/blob/release-0.2.1:/ChangeLog
URL https://gitweb.torproject.org/tor.git/blob/release-0.2.2:/ChangeLog

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.