DescriptionThe compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database
SUSE Security Advisories:
List of released packages
|Fixed package version(s)
openSUSE Tumbleweed GA tor-0.2.8.11-1.1
SUSE Timeline for this CVECVE page created: Fri Jun 28 13:06:14 2013
CVE page last modified: Thu Dec 7 13:05:42 2023