[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [bug-inetutils] "echo" dgram service in *inetd and UDP packets with
|
From: |
Stephane Chazelas |
|
Subject: |
Re: [bug-inetutils] "echo" dgram service in *inetd and UDP packets with source port 7 |
|
Date: |
Mon, 1 Dec 2014 06:21:27 +0000 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
2014-11-30 09:00:51 +0100, Marco d'Itri:
> On Nov 29, Stephane Chazelas <address@hidden> wrote:
>
> > Yes, but I don't think RFC conformance is good enough a reason
> > to not fix a vulnerability.
> Everybody has known this for years.
> UDP small services should never be enabled, that's all.
[...]
Thanks Marco,
would you guys accept a patch that adds that (or something along
those lines) to the documentation?
Maybe something like:
"With the exception of "discard", please note that the protocols
implemented by the internal UDP services (chargen, time,
daytime, echo) have serious security flaws and those services
should not be enabled on production systems or exposed to
untrusted networks."
Cheers,
Stephane
- Re: [bug-inetutils] "echo" dgram service in *inetd and UDP packets with source port 7,
Stephane Chazelas <=
Re: [bug-inetutils] "echo" dgram service in *inetd and UDP packets with source port 7, Alfred M. Szmidt, 2014/12/01