Your submission was sent successfully! Close

CVE-2008-5397

Published: 09 December 2008

Tor before 0.2.0.32 does not properly process the (1) User and (2) Group configuration options, which might allow local users to gain privileges by leveraging unintended supplementary group memberships of the Tor process.

Priority

Low

Status

Package Release Status
tor
Launchpad, Ubuntu, Debian
Upstream
Released (0.2.0.32)