[tor-bugs] #6297 [Tor Client]: SOCKS issues with bitcoin in .2.3.18-rc vs .2.2.37

Wed Jul 18 13:19:50 UTC 2012

#6297: SOCKS issues with bitcoin in .2.3.18-rc vs .2.2.37
-------------------------+--------------------------------------------------
 Reporter:  jrmithdobbs  |          Owner:                   
     Type:  defect       |         Status:  needs_information
 Priority:  normal       |      Milestone:                   
Component:  Tor Client   |        Version:  Tor: 0.2.3.18-rc 
 Keywords:               |         Parent:                   
   Points:               |   Actualpoints:                   
-------------------------+--------------------------------------------------

Comment(by jrmithdobbs):

 The rfc is very vague in this area. It pretty much skips over validation
 completely (outside of auth) as far as I can tell.

 As far as the security, after actually looking at your parser I'm much
 less concerned about that. However, I still think there may be an issue
 regarding an attacker that has the ability to inject but not necessarily
 intercept the original message.

 For example, because of how it's parsed so long as you can successfully
 get your packets accepted (there's been various recent talks/papers re:
 inadequacy of syn cookies as it relates to this) it could be feasible to
 force a user's connection to a specific username/password for the socks
 connection which may affect how the connection is isolated vs their other
 connections and may provide a way for an inject-capable (no observation of
 traffic between the client and socks port needed, really) to be able to
 associate a client's connections that should, by the configuration, be
 isolated.

 Does that help make more sense of my concerns?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6297#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online