Detections
Analytics

FreeBSD : security/tor -- SOCKS4(a) inversion bug (847f16e5-9406-11ed-a925-3065ec8fd3ec)

high Nessus Plugin ID 170050

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 847f16e5-9406-11ed-a925-3065ec8fd3ec advisory.

 - The Tor Project reports: TROVE-2022-002: The SafeSocks option for SOCKS4(a) is inverted leading to SOCKS4 going through This is a report from hackerone: We have classified this as medium considering that tor was not defending in-depth for dangerous SOCKS request and so any user relying on SafeSocks 1 to make sure they don't link DNS leak and their Tor traffic wasn't safe afterall for SOCKS4(a).
 Tor Browser doesn't use SafeSocks 1 and SOCKS4 so at least the likely vast majority of users are not affected. (847f16e5-9406-11ed-a925-3065ec8fd3ec)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://gitlab.torproject.org/tpo/core/tor/-/issues/40730

https://hackerone.com/bugs?subject=torproject&report_id=1784589

http://www.nessus.org/u?a8b9f994

Plugin Details

Severity: High

ID: 170050

File Name: freebsd_pkg_847f16e5940611eda9253065ec8fd3ec.nasl

Version: 1.0

Type: local

Published: 1/14/2023

Updated: 1/14/2023

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:tor, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 1/14/2023

Vulnerability Publication Date: 1/12/2023