PT-2009-4843 · Tor · Tor

Optimist

Published

2009-07-10

Updated

2017-08-17

CVE-2009-2426

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Tor versions 0.1.x through 0.1.2.8-beta Tor versions 0.2.x through 0.2.0.35

Description The connection edge process relay cell not open function in src/or/relay.c allows exit relays to have an unspecified impact by causing controllers to accept DNS responses that redirect to an internal IP address via unknown vectors.

Recommendations For Tor versions 0.1.x through 0.1.2.8-beta, update to version 0.1.2.8-beta or later. For Tor versions 0.2.x through 0.2.0.35, update to version 0.2.0.35 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-2426

Affected Products

Tor

PT-2009-4843 · Tor · Tor

CVE-2009-2426

Related Identifiers

Affected Products

References · 11