Summary
This host is installed with Tor and is prone to Information Disclosure vulnerability.
Impact
Successful exploitation will allow attackers to obtain sensitive information that can help them launch further attacks.
Impact level: Application
Solution
Upgrade to version 0.2.1.22 or later
http://www.torproject.org/download.html.en
Insight
The issue is due to bridge directory authorities disclosing all tracked bridge identities when responding to 'dbg-stability.txt' directory queries.
Affected
Tor version prior to 0.2.1.22 and 0.2.2.x before 0.2.2.7-alpha on Windows.
References
Severity
Classification
-
CVE CVE-2010-0383, CVE-2010-0385 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Aardvark Topsites Multiple Vulnerabilities
- Apple iTunes Tutorials Window Security Bypass Vulnerability (Mac OS X)
- Apache Tomcat Multiple Vulnerabilities - 02 Mar14
- Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Linux)
- Adobe Digital Edition Information Disclosure Vulnerability (Mac OS X)