Public CVE-2009-2386 disclosure

Tor before 0.2.0.35 allows remote attackers to cause a denial of service (application crash) via a malformed router descriptor.