Summary
This host is installed with Tor and is prone to Information Disclosure vulnerability.
Impact
Successful exploitation will allow attackers to obtain sensitive information that can help them launch further attacks.
Impact level: Application
Solution
Upgrade to version 0.2.1.22 or later
http://www.torproject.org/download.html.en
Insight
The issue is due to bridge directory authorities disclosing all tracked bridge identities when responding to 'dbg-stability.txt' directory queries.
Affected
Tor version prior to 0.2.1.22 and 0.2.2.x before 0.2.2.7-alpha on Linux.
References
Severity
Classification
-
CVE CVE-2010-0383, CVE-2010-0385 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Adobe Digital Edition Information Disclosure Vulnerability (Windows)
- Adobe Digital Edition Information Disclosure Vulnerability (Mac OS X)
- Apache Tomcat Multiple Vulnerabilities - 03 Mar14
- Apple Safari 'Webkit' Multiple Vulnerabilities -01 Feb15 (Mac OS X)
- Apple Safari Webkit Multiple Vulnerabilities - March 2011