From gcastagnino@denyall.com Thu Apr 16 15:34:35 2015 Received: (at 31) by bugs.x2go.org; 16 Apr 2015 13:34:35 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: ** X-Spam-Status: No, score=2.6 required=5.0 tests=BAYES_50,MISSING_SUBJECT autolearn=no version=3.3.2 X-Greylist: delayed 528 seconds by postgrey-1.34 at ymir.das-netzwerkteam.de; Thu, 16 Apr 2015 15:34:34 CEST Received: from fb1.mail.completel.net (fb1.mail.completel.net [213.245.2.47]) by ymir.das-netzwerkteam.de (Postfix) with ESMTP id DF6D45DAA3 for <31@bugs.x2go.org>; Thu, 16 Apr 2015 15:34:34 +0200 (CEST) Received: from smtp4.mail.completel.net (smtp4.cptl.sdv.fr [10.0.32.58]) by fb1.mail.completel.net (Postfix) with ESMTP id A8B853CCEA for <31@bugs.x2go.org>; Thu, 16 Apr 2015 15:25:46 +0200 (CEST) Received: from daex2010.denyall.local (mail.denyall.com [46.218.4.206]) by smtp4.mail.completel.net (Postfix) with ESMTP id 0C56E3C01D for <31@bugs.x2go.org>; Thu, 16 Apr 2015 15:25:45 +0200 (CEST) Received: from bespin.localnet (10.1.1.32) by DAEX2010.DenyAll.local (10.1.1.5) with Microsoft SMTP Server (TLS) id 14.2.347.0; Thu, 16 Apr 2015 15:22:26 +0200 From: Guillaume Castagnino To: <31@bugs.x2go.org> Date: Thu, 16 Apr 2015 15:25:45 +0200 Message-ID: <2019231.JGKveepc01@bespin> Organization: DenyAll User-Agent: KMail/4.14.6 (Linux/4.0.0-gentoo; KDE/4.14.6; x86_64; ; ) MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="windows-1252" X-Originating-IP: [10.1.1.32] X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: 10 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrfeektddrgeejgdeigecutefuodetggdotefrucfrrhhofhhilhgvmecupfgfoffgtffkveetuefngfenuceurghilhhouhhtmecufedttdenucfgmhhpthihuchsuhgsjhgvtghtucdluddtmdenucfjughrpefhvfffkfhofggggfgtihesthhqredttdeiheenucfhrhhomhepifhuihhllhgruhhmvgcuvegrshhtrghgnhhinhhouceoghgtrghsthgrghhnihhnohesuggvnhihrghllhdrtghomheq Hi, Incidentally, I discovered that sending garbage on that port make the=20= client crash and disconnect. So you can remotely disconnect any client=20= using x2go client. Kind of DOS isn=92t it ? I discovered it simply doing this: nmap -v -n --open -Pn -sSV --version-intensity 0 -p T:1-65535=20 192.168.56.0/24 crashing all x2goclients on the subnet! Definitely, the proxy should NOT listen on INADDR_ANY but only on=20 localhost in SshProcess::tunnelLoop. Thanks --=20 Guillaume Castagnino