CVE-2007-4174

Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote attackers to modify the torrc configuration file, compromise anonymity, and have other unspecified impact via HTTP POST data containing commands without valid authentication, as demonstrated by an HTML form (1) hosted on a web site or (2) injected by a Tor exit node.

Affected Software

Name	Vendor	Start Version	End Version
Tor	Tor	*	0.1.2.15 (including)
Tor	Tor	0.1.2.1-alpha (including)	0.1.2.1-alpha (including)
Tor	Tor	0.1.2.2 (including)	0.1.2.2 (including)
Tor	Tor	0.1.2.3-alpha (including)	0.1.2.3-alpha (including)
Tor	Tor	0.1.2.4 (including)	0.1.2.4 (including)
Tor	Tor	0.1.2.5 (including)	0.1.2.5 (including)
Tor	Tor	0.1.2.5-alpha (including)	0.1.2.5-alpha (including)
Tor	Tor	0.1.2.6-alpha (including)	0.1.2.6-alpha (including)
Tor	Tor	0.1.2.7-alpha (including)	0.1.2.7-alpha (including)
Tor	Tor	0.1.2.8-beta (including)	0.1.2.8-beta (including)
Tor	Tor	0.1.2.9 (including)	0.1.2.9 (including)
Tor	Tor	0.1.2.10 (including)	0.1.2.10 (including)
Tor	Tor	0.1.2.11 (including)	0.1.2.11 (including)
Tor	Tor	0.1.2.12 (including)	0.1.2.12 (including)
Tor	Tor	0.1.2.13 (including)	0.1.2.13 (including)
Tor	Tor	0.1.2.14 (including)	0.1.2.14 (including)
Tor	Ubuntu	dapper	*
Tor	Ubuntu	edgy	*
Tor	Ubuntu	feisty	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-4174
CWE	https://cwe.mitre.org/data/definitions/264.html

Affected Software

References