Vulnerabilities > CVE-2009-0414 - Resource Management Errors vulnerability in TOR
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors that trigger heap corruption.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200904-11.NASL description The remote host is affected by the vulnerability described in GLSA-200904-11 (Tor: Multiple vulnerabilities) Theo de Raadt reported that the application does not properly drop privileges to the primary groups of the user specified via the last seen 2020-06-01 modified 2020-06-02 plugin id 36139 published 2009-04-11 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/36139 title GLSA-200904-11 : Tor: Multiple vulnerabilities NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_100A9ED2EE5611DDAB4F0030843D3802.NASL description Secunia reports : A vulnerability with an unknown impact has been reported in Tor. The vulnerability is caused due to an unspecified error and can be exploited to trigger a heap corruption. No further information is currently available. last seen 2020-06-01 modified 2020-06-02 plugin id 35562 published 2009-02-01 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/35562 title FreeBSD : tor -- unspecified memory corruption vulnerability (100a9ed2-ee56-11dd-ab4f-0030843d3802) NASL family Fedora Local Security Checks NASL id FEDORA_2009-0897.NASL description New upstream release 0.2.0.33, with lots of bug fixes and one security fix: https://blog.torproject.org/blog/tor-0.2.0.33-stable-released Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 35457 published 2009-01-26 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/35457 title Fedora 9 : tor-0.2.0.33-1.fc9 (2009-0897)
References
- http://archives.seul.org/or/announce/Jan-2009/msg00000.html
- http://blog.torproject.org/blog/tor-0.2.0.33-stable-released
- http://secunia.com/advisories/33635
- http://secunia.com/advisories/33677
- http://secunia.com/advisories/34583
- http://security.gentoo.org/glsa/glsa-200904-11.xml
- http://www.securityfocus.com/bid/33399
- http://www.securitytracker.com/id?1021633
- http://www.vupen.com/english/advisories/2009/0210
- https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00902.html