[tor-talk] Security issue. Firefox in Tor Browser Bundle allows access to LAN resources. To fix: ABE of NoScript must be turn on by default
Gerardus Hendricks
konfkukor at riseup.net
Tue Jan 21 15:20:33 UTC 2014
On 1/21/14 5:06 AM, TT Security wrote:
> Maybe you'll be suprised but Firefox by default allow connections to
> loopback interfaces if there is no disabled rule in firewall settings.
> NoScript Add-On can solve the problem by ABE.
I've created a bug here:
https://trac.torproject.org/projects/tor/ticket/10686
More information about the tor-talk
mailing list