On 9/29/07, <b class="gmail_sendername">Paul Ferguson</b> &lt;<a href="mailto:fergdawg@netzero.net">fergdawg@netzero.net</a>&gt; wrote:<div><span class="gmail_quote"></span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
-----BEGIN PGP SIGNED MESSAGE-----<br>Hash: SHA1<br><br>A Proof-of-Concept exploit is now circulating:<br><br> <a href="http://www.milw0rm.com/exploits/4468">http://www.milw0rm.com/exploits/4468</a><br><br>Needless to say, people are encourage to run 
<a href="http://0.1.2.17">0.1.2.17</a> or better. :-)<br><br>- - ferg<br><br>-----BEGIN PGP SIGNATURE-----<br>Version: PGP Desktop 9.6.3 (Build 3017)<br><br>wj8DBQFG/sLSq1pz9mNUZTMRAjLzAJ9keMavFeEB0nDmvL1uhNBdrmAvpgCfSUdS
<br>ybz+X1lVZKtkTtFVTCBUzk4=<br>=Qz2y<br>-----END PGP SIGNATURE-----<br><br><br><br>--<br>&quot;Fergie&quot;, a.k.a. Paul Ferguson<br> Engineering Architecture for the Internet<br> fergdawg(at)netzero.net<br> ferg&#39;s tech blog: 
<a href="http://fergdawg.blogspot.com/">http://fergdawg.blogspot.com/</a><br><br></blockquote></div><br>Also,<br><a href="http://secunia.com/advisories/26301">http://secunia.com/advisories/26301</a><br><br>I like how they labeled it &quot;Moderately critical&quot;...that&#39;s an understatement.
<br><br>Looks like the cat is really out of the bag now, time to post the full write up I&#39;ve been sitting on.<br>It&#39;s been 8 weeks now, so if you haven&#39;t update Tor, then you should do that ASAP.<br><br>