Tor Browser 4.0.3 with websockets enabled by default

Published
Credit
Risk
2015.03.04
Pablo
Medium
CWE
CVE
Local
Remote
N/A
N/A
No
Yes

Hello,

I am seeing that Tor Browser 4.0.3 apparently has the configuration
of websocket of Firefox enabled (true) by default .... I think that this is
something that should have been corrected a long time ago (Tor bug 5741).
I think that this is a configuration bug. Am I wrong ?

Link:
http://picpaste.com/websocket_tor_config.png


Regards,
Pablo.

References:

http://picpaste.com/websocket_tor_config.png
http://seclists.org/fulldisclosure/2015/Mar/13


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com