CVE-2009-0654 Information

Description

Tor 0.2.0.28 and probably 0.2.0.34 and earlier allows remote attackers with control of an entry router and an exit router to confirm that a sender and receiver are communicating via vectors involving (1) replaying (2) modifying (3) inserting or (4) deleting a single cell and then observing cell recognition errors at the exit router. NOTE: the vendor disputes the significance of this issue noting that the product’s design \accepted end-to-end correlation as an attack that is too expensive to solve.\

Reference

http://blog.torproject.org/blog/one-cell-enough http://www.blackhat.com/html/bh-dc-09/bh-dc-09-archives.htmlFu http://www.blackhat.com/presentations/bh-dc-09/Fu/BlackHat-DC-09-Fu-Break-Tors-Anonymity.pdf