CVE-2017-0377
CVE-2017-0377
Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only considers the exit relay (not the exit relay's family), which might allow remote attackers to defeat intended anonymity properties by leveraging the existence of large families.
Produtos afetados
n/a · TorQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://blog.torproject.org/blog/tor-0309-released-security-update-clientshttps://blog.torproject.org/blog/tor-0314-alpha-released-security-update-clientshttps://github.com/torproject/tor/commit/665baf5ed5c6186d973c46cdea165c0548027350https://security-tracker.debian.org/CVE-2017-0377https://trac.torproject.org/projects/tor/ticket/22753