[tor-bugs] #6710 [Tor Relay]: Tor Relays accept arbitrary destination address and port and leak information about reachability
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Mon Aug 27 15:46:54 UTC 2012
#6710: Tor Relays accept arbitrary destination address and port and leak
information about reachability
-----------------------+----------------------------------------------------
Reporter: thejh | Owner:
Type: defect | Status: needs_review
Priority: major | Milestone: Tor: 0.2.3.x-final
Component: Tor Relay | Version: Tor: unspecified
Keywords: | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
Comment(by rransom):
Replying to [comment:1 nickm]:
> The best/easiest fix for the worst part of this is probably just to
reject EXTEND cells to private addresses. The rest of this (where you
probe a router's TCP state or firewall cfg by asking it to extend
different places) is probably no so easy, or *as* critical.
>
> I've got a patch in branch bug6710_023 in my public repository that
should go into 0.2.3.x after review.
Looks good.
> We should consider a backport to 0.2.2.
This should be backported. 0.2.2.x is still in TBB, and TBB users can
still turn their Tor clients into relays (and bridges).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6710#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list