[X2Go-Dev] Bug#31: (no subject)
Guillaume Castagnino
gcastagnino at denyall.com
Thu Apr 16 15:25:45 CEST 2015
Hi,
Incidentally, I discovered that sending garbage on that port make the
client crash and disconnect. So you can remotely disconnect any client
using x2go client. Kind of DOS isn’t it ?
I discovered it simply doing this:
nmap -v -n --open -Pn -sSV --version-intensity 0 -p T:1-65535
192.168.56.0/24
crashing all x2goclients on the subnet!
Definitely, the proxy should NOT listen on INADDR_ANY but only on
localhost in SshProcess::tunnelLoop.
Thanks
--
Guillaume Castagnino
More information about the x2go-dev
mailing list