[Mono-dev] Potential security problem on EndPointManager.cs

Gonzalo Paniagua Javier gonzalo.mono at gmail.com
Sat Mar 24 16:14:15 UTC 2012


On Sat, Mar 24, 2012 at 9:38 AM, 정연운(Jung, Yeonwoon) <flow3r at gmail.com> wrote:
[...]
>
> As you might know, this could be a potential vulnerability in term of
> network security. If someone opens port on their machine with multiple
> network interfaces combined with public/private IPs, even the person
> restricted biding for private network on purpose, mono runtime doesn't bind
> IP address as expected. As a result, the port is available on public network
> as well.
>
> i already sent a request of pulling on github, pls review and take it.

Done. Thanks.

-Gonzalo


More information about the Mono-devel-list mailing list