Tor 0.1.2.16
Posted on Tuesday, August 07 2007 @ 12:55 CEST by Thomas De MaesschalckTor 0.1.2.16 fixes a critical security vulnerability that allows a remote attacker in certain situations to rewrite the user's torrc configuration file. This can completely compromise anonymity of users in most configurations, including those running the Vidalia bundles, TorK, etc. Or worse.
Users who do not have ControlPort enabled are secure; if you are not sure, you should upgrade and you should probably overwrite your torrc file with the default when you upgrade.
Major security fixes:
- Close immediately after missing authentication on control port; do not allow multiple authentication attempts.
Program Information Category: Tools and Utilities Type: Free Version: 0.1.2.16 Size: 6.28MB Works on: Windows Product page: here |
Loading Comments