http://bugzilla.novell.com/show_bug.cgi?id=521310
User meissner@novell.com added comment
http://bugzilla.novell.com/show_bug.cgi?id=521310#c1
--- Comment #1 from Marcus Meissner 2009-07-11 02:15:48 MDT ---
also:
Name: CVE-2009-2426
The connection_edge_process_relay_cell_not_open function in src/or/relay.c in
Tor 0.2.x before 0.2.0.35 and 0.1.x before
+0.1.2.8-beta allows exit relays to have an unspecified impact by causing
controllers to accept DNS responses that redirect
+to an internal IP address via unknown vectors. NOTE: some of these details
are obtained from third party information.
Reference: XF: http://xforce.iss.net/xforce/xfdb/51377
Reference: VUPEN: http://www.vupen.com/english/advisories/2009/1716
Reference: BID: http://www.securityfocus.com/bid/35505
Reference: OSVDB: http://www.osvdb.org/55341
Reference: SECUNIA: http://secunia.com/advisories/35546
Reference: MLIST: http://archives.seul.org/or/announce/Jun-2009/msg00000.html
--
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.