CVE-2015-2928

Related Files

Gentoo Linux Security Advisory 201507-02

Posted Jul 7, 2015

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-2 - Two vulnerabilities have been found in Tor, the worst of which can allow remote attackers to cause a Denial of Service condition. Versions less than 0.2.6.7 are affected.

tags | advisory, remote, denial of service, vulnerability

systems | linux, gentoo

advisories | CVE-2015-2928, CVE-2015-2929

SHA-256 | 035bc5f71f6f7bd16e07857160a112d577c88cba3dae215bc97c24a4a44dc6cc

Download | Favorite | View

Mandriva Linux Security Advisory 2015-205

Posted Apr 27, 2015

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-205 - disgleirio discovered that a malicious client could trigger an assertion failure in a Tor instance providing a hidden service, thus rendering the service inaccessible. DonnchaC discovered that Tor clients would crash with an assertion failure upon parsing specially crafted hidden service descriptors. Introduction points would accept multiple INTRODUCE1 cells on one circuit, making it inexpensive for an attacker to overload a hidden service with introductions. Introduction points now no longer allow multiple cells of that type on the same circuit. The tor package has been updated to version 0.2.4.27, fixing these issues.

tags | advisory

systems | linux, mandriva

advisories | CVE-2015-2928, CVE-2015-2929

SHA-256 | 3f8c2c6c3c6ba4ee0c6fa2a297a9758203ce3ca5828f73a99d3217e6d31b4a3a

Download | Favorite | View

Debian Security Advisory 3216-1

Posted Apr 6, 2015

Authored by Debian | Site debian.org

Debian Linux Security Advisory 3216-1 - Several vulnerabilities have been discovered in Tor, a connection-based low-latency anonymous communication system.

tags | advisory, vulnerability

systems | linux, debian

advisories | CVE-2015-2928, CVE-2015-2929

SHA-256 | 81c084de4cd2de6083573bce140eb406f89e273d97f00f390c9dd56fdc86863e

Download | Favorite | View