[Bug 2636] Fix X11 forwarding, when ::1 is not configured
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Thu Nov 10 09:59:53 AEDT 2016
https://bugzilla.mindrot.org/show_bug.cgi?id=2636
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at zip.com.au
--- Comment #3 from Darren Tucker <dtucker at zip.com.au> ---
(In reply to Tomas Kuthan from comment #0)
[...]
> When this particular error is returned by bind, it is safe to
> continue with the next address returned by getaddrinfo(), because in
> that case there is no risk of forwarded X11 connections being
> hijacked (CVE-2008-1483).
No, there is still a risk, eg if the IPv6 address loopback is added
after a connection is made.
getaddrinfo w/AI_PASSIVE should not return non-existent addresses.
Quoting RFC3493:
If the AI_PASSIVE flag is specified, the returned address
information
shall be suitable for use in binding a socket for accepting incoming
connections for the specified service (i.e., a call to bind()).
In this case the returned address is not suitable to bind because it'll
never work (unless you race bring up the interface).
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list