Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
TOR Privilege Escalation Vulnerability (Linux)
Information
Severity
Severity
Critical
Family
Family
Privilege escalation
CVSSv2 Base
CVSSv2 Base
9.3
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
15 years ago
Modified
Modified
5 years ago
Summary
This host is installed with TOR and is prone to Privilege Escalation vulnerability.
Insight
Insight
The flaws are due to, - an application does not properly drop privileges to the primary groups of the user specified by the User Parameter. - a ClientDNSRejectInternalAddresses configuration option is not always enforced which weaknesses the application security.
Affected Software
Affected Software
Tor version 0.2.0.31 or prior.
Solution
Solution
Upgrade to the latest version 0.2.0.32.