By the way, I can confirm that it is also reproducible on the Intel
32-bit architecture.

// Ola

On Wed, Aug 10, 2011 at 12:41:18PM -0700, Chris Hiestand wrote:
> Package: vnc4server
> Version: 4.1.1+X4.3.0-37
> Severity: normal
> 
> A repeated bad login generates a blacklist against 0.0.0.0 - but it
> should be against the remote IP address. If a user then tries to connect
> from a different IP, they will find that they are blacklisted.
> A series of bad logins from any IP can then generate a DoS against
> vnc4server.
> 
> 
> The vnc server log of connection attempts:
> >Wed Aug 10 12:37:46 2011
> > vncext:      VNC extension running!
> > vncext:      Listening for VNC connections on port 5901
> > vncext:      created VNC server for screen 0
> >error opening security policy file /etc/X11/xserver/SecurityPolicy
> >Could not init font path element /usr/share/fonts/X11/cyrillic,
> >removing from list!
> >Could not init font path element built-ins, removing from list!
> >
> >Wed Aug 10 12:38:00 2011
> > Connections: accepted: 0.0.0.0::51060
> > SConnection: Client needs protocol version 3.8
> > SConnection: Client requests security type VncAuth(2)
> > SConnection: AuthFailureException: Authentication failure
> > Connections: closed: 0.0.0.0::51060 (Authentication failure)
> >
> >Wed Aug 10 12:38:02 2011
> > Connections: accepted: 0.0.0.0::51061
> >
> >Wed Aug 10 12:38:03 2011
> > SConnection: Client needs protocol version 3.8
> > SConnection: Client requests security type VncAuth(2)
> > SConnection: AuthFailureException: Authentication failure
> > Connections: closed: 0.0.0.0::51061 (Authentication failure)
> > Connections: accepted: 0.0.0.0::51062
> >
> >Wed Aug 10 12:38:04 2011
> > SConnection: Client needs protocol version 3.8
> > SConnection: Client requests security type VncAuth(2)
> > SConnection: AuthFailureException: Authentication failure
> > Connections: closed: 0.0.0.0::51062 (Authentication failure)
> > Connections: accepted: 0.0.0.0::51063
> > SConnection: Client needs protocol version 3.8
> > SConnection: Client requests security type VncAuth(2)
> > SConnection: AuthFailureException: Authentication failure
> > Connections: closed: 0.0.0.0::51063 (Authentication failure)
> >
> >Wed Aug 10 12:38:05 2011
> > Connections: accepted: 0.0.0.0::51064
> > SConnection: Client needs protocol version 3.8
> > SConnection: Client requests security type VncAuth(2)
> > SConnection: AuthFailureException: Authentication failure
> > Connections: closed: 0.0.0.0::51064 (Authentication failure)
> >
> >Wed Aug 10 12:38:06 2011
> > Connections: blacklisted: 0.0.0.0
> >
> >Wed Aug 10 12:38:07 2011
> > Connections: blacklisted: 0.0.0.0
> >
> >Wed Aug 10 12:38:08 2011
> > Connections: blacklisted: 0.0.0.0
> >
> >Wed Aug 10 12:38:10 2011
> > Connections: blacklisted: 0.0.0.0
> >
> 
> Comes from a different IP Address, but is blacklisted anyway!
> >Wed Aug 10 12:38:14 2011
> > Connections: blacklisted: 0.0.0.0
> 
> 
> 
> - System Information:
> Debian Release: 6.0.2
>   APT prefers stable
>   APT policy: (900, 'stable')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 2.6.32-5-amd64 (SMP w/12 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> 
> Versions of packages vnc4server depends on:
> ii  libc6                   2.11.2-10        Embedded GNU C Library: Shared lib
> ii  libgcc1                 1:4.4.5-8        GCC support library
> ii  libstdc++6              4.4.5-8          The GNU Standard C++ Library v3
> ii  libx11-6                2:1.3.3-4        X11 client-side library
> ii  libxext6                2:1.1.2-1        X11 miscellaneous extension librar
> ii  libxtst6                2:1.1.0-3        X11 Testing -- Record extension li
> ii  x11-common              1:7.5+8          X Window System (X.Org) infrastruc
> ii  xbase-clients           1:7.5+8          miscellaneous X clients - metapack
> ii  xserver-common          2:1.7.7-13       common files used by various X ser
> ii  zlib1g                  1:1.2.3.4.dfsg-3 compression library - runtime
> 
> Versions of packages vnc4server recommends:
> ii  xfonts-base                   1:1.0.1    standard fonts for X
> 
> Versions of packages vnc4server suggests:
> pn  vnc-java                      <none>     (no description available)
> 
> -- debconf-show failed
> 
> 
> 

-- 
 --------------------- Ola Lundqvist ---------------------------
/  o...@debian.org                     Annebergsslingan 37      \
|  o...@inguza.com                      654 65 KARLSTAD          |
|  http://inguza.com/                  +46 (0)70-332 1551       |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36  4FE4 18A1 B1CF 0FE5 3DD9 /
 ---------------------------------------------------------------
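
A log check for the symptom reported in this thread, as an added example that is not part of the original messages or of vnc4server's code: it counts authentication failures and blacklist hits per logged peer address and flags entries recorded under the unspecified address. The function name, the IPv4-only pattern and the sample log (constructed, modelled on the lines quoted above) are assumptions.

```python
import ipaddress
import re
from collections import Counter

# "Connections:" events in the log format quoted in the report (IPv4 assumed).
EVENT = re.compile(
    r"Connections:\s+(?P<event>accepted|closed|blacklisted):\s+"
    r"(?P<addr>\d{1,3}(?:\.\d{1,3}){3})(?:::\d+)?"
    r"(?:\s+\((?P<reason>[^)]*)\))?"
)

# Constructed sample modelled on the quoted log; 192.0.2.10 is a documentation address.
SAMPLE_LOG = """\
Wed Aug 10 12:38:00 2011
 Connections: accepted: 0.0.0.0::51060
 SConnection: AuthFailureException: Authentication failure
 Connections: closed: 0.0.0.0::51060 (Authentication failure)
 Connections: accepted: 0.0.0.0::51061
 Connections: closed: 0.0.0.0::51061 (Authentication failure)
 Connections: accepted: 192.0.2.10::40000
 Connections: closed: 192.0.2.10::40000 (Authentication failure)
 Connections: blacklisted: 0.0.0.0
 Connections: blacklisted: 0.0.0.0
"""

def audit_vnc_log(log_text):
    """Count auth failures and blacklist hits per logged peer address."""
    failures, blacklisted = Counter(), Counter()
    for line in log_text.splitlines():
        m = EVENT.search(line)  # search() tolerates "> >" mail-quote prefixes
        if not m:
            continue
        if m["event"] == "closed" and m["reason"] == "Authentication failure":
            failures[m["addr"]] += 1
        elif m["event"] == "blacklisted":
            blacklisted[m["addr"]] += 1
    # A peer logged as the unspecified address means the real source was never
    # recorded, so failures from every client land on one shared blacklist entry.
    shared = []
    for addr in sorted(set(failures) | set(blacklisted)):
        try:
            unspecified = ipaddress.ip_address(addr).is_unspecified
        except ValueError:
            continue  # matched the pattern but is not a valid address
        if unspecified:
            shared.append((addr, failures[addr], blacklisted[addr]))
    return {"failures": dict(failures), "blacklisted": dict(blacklisted),
            "shared_entries": shared}
```

Any non-empty `shared_entries` on a server log indicates the behaviour described in the report: the blacklist is keyed on an address that does not identify the client.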


