← volver
CVE-2008-5397

CVE-2008-5397

EPSS 0.4%
Tor before 0.2.0.32 does not properly process the (1) User and (2) Group configuration options, which might allow local users to gain privileges by leveraging unintended supplementary group memberships of the Tor process.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://blog.torproject.org/blog/tor-0.2.0.32-releasedhttp://secunia.com/advisories/33025http://secunia.com/advisories/34583http://security.gentoo.org/glsa/glsa-200904-11.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/47101http://www.securityfocus.com/bid/32648http://www.vupen.com/english/advisories/2008/3366