Test ID:	1.3.6.1.4.1.25623.1.0.901100
Category:	General
Title:	Tor Directory Queries Information Disclosure Vulnerability (win)
Summary:	Check for the version of Tor
Description:	Overview: This host is installed with Tor and is prone to Information Disclosure vulnerability. Vulnerability Insight: The issue is due to bridge directory authorities disclosing all tracked bridge identities when responding to 'dbg-stability.txt' directory queries. Impact: Successful exploitation will allow attackers to obtain sensitive information that can help them launch further attacks. Impact level: Application Affected Software/OS: Tor version prior to 0.2.1.22 and 0.2.2.x before 0.2.2.7-alpha on Windows. Fix: Upgrade to version 0.2.1.22 or later http://www.torproject.org/download.html.en References: http://osvdb.org/61865 http://secunia.com/advisories/38198 http://archives.seul.org/or/talk/Jan-2010/msg00162.html http://archives.seul.org/or/announce/Jan-2010/msg00000.html
Cross-Ref:	BugTraq ID: 37901 Common Vulnerability Exposure (CVE) ID: CVE-2010-0383 http://archives.seul.org/or/announce/Jan-2010/msg00000.html http://archives.seul.org/or/talk/Jan-2010/msg00165.html http://archives.seul.org/or/talk/Jan-2010/msg00162.html http://archives.seul.org/or/talk/Jan-2010/msg00161.html http://www.securityfocus.com/bid/37901 http://osvdb.org/61977 http://secunia.com/advisories/38198 Common Vulnerability Exposure (CVE) ID: CVE-2010-0385 http://www.osvdb.org/61865
Copyright	Copyright (C) 2010 SecPod

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: