SB2012012301 - Gentoo update for Tor

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2011-2768)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had selected.

2) Information disclosure (CVE-ID: CVE-2011-2769)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE and CREATE_FAST values in the Command field of a cell within an OR connection that it initiated, which allows remote relays to enumerate bridges by using these values.

3) Buffer overflow (CVE-ID: CVE-2011-2778)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS connection to SocksPort or (2) leveraging a SOCKS proxy configuration.

Remediation

Install update from vendor's website.

References

• https://security.gentoo.org/
• https://security.gentoo.org/glsa/201201-12