xbrlapi loopback interface abuse
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
brltty (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Xbrlapi creates new TCP connections in port 4101 at loopback interface. These are closed instantly because there is no service listening at 4101 on the lo interface.
Xbrlapi should not do that if there is no braille device.
This might pose a security risk, but I have not verified it.
ProblemType: Bug
DistroRelease: Ubuntu 16.10
Package: xbrlapi 5.4-0ubuntu4
ProcVersionSign
Uname: Linux 4.8.0-37-generic x86_64
ApportVersion: 2.20.3-0ubuntu8.2
Architecture: amd64
CurrentDesktop: Unity
Date: Mon Feb 13 19:25:58 2017
InstallationDate: Installed on 2015-07-31 (562 days ago)
InstallationMedia: Ubuntu 14.04.2 LTS "Trusty Tahr" - Release amd64 (20150218.1)
SourcePackage: brltty
UpgradeStatus: Upgraded to yakkety on 2016-11-01 (103 days ago)
Hello,
This was reported in debian http:// bugs.debian. org/851623 , and that led to upstream fix https:/ /github. com/brltty/ brltty/ commit/ 0a5341121ba8f4d e24407ce2a4d536 9dadf5d099