Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2007-4174

Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote attackers to modify the torrc configuration file, compromise anonymity, and have other unspecified impact via HTTP POST data containing commands without valid authentication, as demonstrated by an HTML form (1) hosted on a web site or (2) injected by a Tor exit node.

Related bugs and status

CVE-2007-4174 (Candidate) is related to these bugs:

Bug #152232: Tor is vulnerable to a rewrite vuln on the controlport

Summary				In	Importance	Status
	152232	Tor is vulnerable to a rewrite vuln on the controlport		Feisty Backports	Undecided	Fix Released
	152232	Tor is vulnerable to a rewrite vuln on the controlport		tor (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [or-announce] 20070802...
BID: 25188
SECUNIA: 26301
SECTRACK: 1018510
MLIST: [or-announce] 20070901...
OSVDB: 36271
VUPEN: ADV-2007-2768
XF: tor-controlport-securi...
XF: tor-control-command-ex...