CVE-2011-2768
Publication date 23 December 2011
Last updated 24 July 2024
Ubuntu priority
Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had selected.