Buffer Overflow in Tor's policy_summarize Function Allows Remote Denial of Service

CVE-2011-1924 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Buffer overflow in the policy_summarize function in or/policies.c in Tor before 0.2.1.30 allows remote attackers to cause a denial of service (directory authority crash) via a crafted policy that triggers creation of a long port list.

Learn more about our Web Application Penetration Testing UK.