At my earlier post here about TOR...the one who makes you anonymous online is now vulnerable it self....:-)..all the features that I mentioned just few days back...are all vulnerable....latest from Gentoo Linux Security Advisory gives the following details :
- Prone to multiple vulnerabilities as on date.
- Most severe of which allows execution of a arbitrary code by a remote attacker.
- Can cause a Denial of Service.
- A remote relay that the user is directly connected to, may be able to disclose anonymous information about that user or enumerate bridges in the user's connection.
- When configured as client or bridge, Tor uses the same TLS certificate chain for all outgoing connections
SOLUTION : ALL TOR LOVERS TO UPGRADE TO THE LATEST TOR ASAP.