[tor-talk] Security issue. Firefox in Tor Browser Bundle allows access to LAN resources. To fix: ABE of NoScript must be turn on by default

[Gerardus Hendricks]

On 1/21/14 5:06 AM, TT Security wrote:
> Maybe you'll be suprised but Firefox by default allow connections to
> loopback interfaces if there is no disabled rule in firewall settings.
> NoScript Add-On can solve the problem by ABE.

I've created a bug here:

https://trac.torproject.org/projects/tor/ticket/10686