vino-preferences does not report public IPv6 addresses
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
vino | Confirmed | Critical | | |
vino (Ubuntu) | Triaged | Low | Unassigned | |
Bug Description
Binary package hint: vino
Bug: vino-preferences does not report public IPv6 addresses, only IPv4 addresses.
On: Ubuntu 9.04 Jaunty Alpha 6
vino-preferences is now reporting: "Your desktop is only reachable over the local network. Others can access your computer using the address 192.168.2.150."
As vinagre / vnc does now, as of Jaunty Alpha 6, correctly handle connections over IPv6 (see https:/
"Your desktop is only reachable over the local network. Others can access your computer using the address 192.168.2.150.
Your desktop is reachable from Internet using IPv6. Others can access your computer using the address 2001:838:
I think in vino-preferences.c the call dbus_g_proxy_call is taking care of finding out the IP addresses. I couldn't find out how to make that call dbus_g_proxy_call report back IPv6 addresses.
ubuntu@ubuntu:~$ apt-cache policy vino
vino:
Installed: 2.25.91-0ubuntu1
Candidate: 2.26.0-0ubuntu1
Version table:
2.
500 http://
*** 2.25.91-0ubuntu1 0
100 /var/lib/
ubuntu@ubuntu:~$
Changed in vino (Ubuntu):
importance: Undecided → Wishlist
Changed in vino (Ubuntu):
status: New → Confirmed
security vulnerability: no → yes
Changed in vino (Ubuntu):
importance: Wishlist → Low
Changed in vino (Ubuntu):
status: Confirmed → Triaged
tags: added: ipv6
Changed in vino:
importance: Unknown → Medium
status: Unknown → New
Changed in vino:
importance: Medium → Critical
Changed in vino:
status: New → Confirmed
security vulnerability: yes → no
This bug is a serious security hole. Seeing the message "Your desktop is only reachable over the local network", people may think it is safe to allow access without a password or confirmation, but if their machine has global IPv6 connectivity, anyone on the Internet can take over their desktop. This is Not Good.
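Added example, not part of the bug thread and not vino's code: a check that decides whether the "only reachable over the local network" claim holds for a host by classifying every IPv4 and IPv6 address from `ip -o addr show` output. The function names are hypothetical and the sample output is constructed; 2001:db8::/32 is the documentation prefix and stands in for a provider-assigned global IPv6 address.

```python
import ipaddress

# Constructed `ip -o addr show` output. Note that the kernel labels the
# RFC 1918 address "scope global" too, so the scope field cannot be trusted
# for this decision; the address range has to be checked instead.
SAMPLE = r"""1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
1: lo    inet6 ::1/128 scope host \       valid_lft forever preferred_lft forever
2: eth0    inet 192.168.2.150/24 brd 192.168.2.255 scope global eth0\       valid_lft forever preferred_lft forever
2: eth0    inet6 2001:db8:1::150/64 scope global \       valid_lft forever preferred_lft forever
2: eth0    inet6 fe80::a00:27ff:fe4e:66a1/64 scope link \       valid_lft forever preferred_lft forever
"""

# Loopback, private, link-local and unique-local ranges: not routable on
# the Internet without NAT or a tunnel.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]


def parse_addresses(text):
    """Return every inet/inet6 address found in `ip -o addr show` output."""
    addrs = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4 and fields[2] in ("inet", "inet6"):
            addrs.append(ipaddress.ip_interface(fields[3]).ip)
    return addrs


def split_by_reach(addrs):
    """Partition addresses into (local_only, internet_routable)."""
    local = [a for a in addrs if any(a in net for net in LOCAL_NETS)]
    routable = [a for a in addrs if a not in local]
    return local, routable


def reachability_message(addrs):
    """Only claim local-only reachability when no routable address exists."""
    _, routable = split_by_reach(addrs)
    if routable:
        return "reachable from the Internet at " + ", ".join(map(str, routable))
    return "only reachable over the local network"


if __name__ == "__main__":
    print(reachability_message(parse_addresses(SAMPLE)))
```
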