Test Kennung:	1.3.6.1.4.1.25623.1.0.900423
Kategorie:	Privilege escalation
Titel:	TOR Privilege Escalation Vulnerability - Windows
Zusammenfassung:	TOR is prone to a privilege escalation vulnerability.
Beschreibung:	Summary: TOR is prone to a privilege escalation vulnerability. Vulnerability Insight: The flaws are due to - an application does not properly drop privileges to the primary groups of the user specified by the User Parameter. - a ClientDNSRejectInternalAddresses configuration option is not always enforced which weaknesses the application security. Vulnerability Impact: Successful exploitation will let the attacker gain privileges and escalate the privileges in malicious ways. Affected Software/OS: Tor version 0.2.0.31 or prior. Solution: Upgrade to the latest version 0.2.0.32. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5397 BugTraq ID: 32648 http://www.securityfocus.com/bid/32648 http://security.gentoo.org/glsa/glsa-200904-11.xml http://secunia.com/advisories/33025 http://secunia.com/advisories/34583 http://www.vupen.com/english/advisories/2008/3366 XForce ISS Database: tor-user-privilege-escalation(47101) https://exchange.xforce.ibmcloud.com/vulnerabilities/47101 Common Vulnerability Exposure (CVE) ID: CVE-2008-5398 XForce ISS Database: tor-clientdnsreject-security-bypass(47102) https://exchange.xforce.ibmcloud.com/vulnerabilities/47102
Copyright	Copyright (C) 2008 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.