Summary
This host is installed with Tor and is prone to DNS Spoofing vulnerability.
Impact
Successful exploitation will allow attackers to conduct DNS spoofing attacks.
Impact level: Application
Solution
Upgrade to version 0.2.0.35 or 0.1.2.8-beta or later http://www.torproject.org/download.html.en
Insight
Error in 'connection_edge_process_relay_cell_not_open' function in 'relay.c' in src/or/ allows exit relays to have an unspecified impact by causing controllers to accept DNS responses that redirect to an internal IP address via unknown vectors.
Affected
Tor version 0.2.x before 0.2.0.35 and 0.1.x before 0.1.2.8-beta on Windows.
References
Severity
Classification
-
CVE CVE-2009-2426 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities