Public bug reported:
with ssh login successes or failures, using IPv6, checks using the "-i"
option for /usr/bin/last or /usr/bin/lastb do not display the correct IP
address.
it appears to be reporting the ipv6 address "fc00:dead::2", or "fc00:dead::3"
ass the same address, namely
252.0.222.173
i believe the logged address has stripped "fc", "00", "de", and "ad"
(and nothing else) from the first 32 bits of the address, then converted
each hex unit to decimal, and logged them in dotted-quad (IPv4)
addresses.
while not directly a security vulnerability, last and lastb are vital
tools for monitoring the login activity on systems.
regards,
sff
-----------------------
1) Description: Ubuntu 14.04.3 LTS
Release: 14.04
2) apt-cache policy sysvinit-utils
sysvinit-utils:
Installed: 2.88dsf-41ubuntu6.2
Candidate: 2.88dsf-41ubuntu6.2
Version table:
*** 2.88dsf-41ubuntu6.2 0
500 http://us.archive.ubuntu.com/ubuntu/ trusty-updates/main amd64
Packages
100 /var/lib/dpkg/status
2.88dsf-41ubuntu6 0
500 http://us.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages
3) i expect the full IPv6 address (in v6 notation) written, when applicable,
for "-i" output from last, and lastb
4) non-unique IPv4 addresses are reported instead of the correct ipv6 address.
** Affects: sysvinit (Ubuntu)
Importance: Undecided
Status: New
** Tags: btmp last lastb sshd wtmp
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sysvinit in Ubuntu.
https://bugs.launchpad.net/bugs/1501538
Title:
last, lastb not reporting ipv6 address from ssh
Status in sysvinit package in Ubuntu:
New
Bug description:
with ssh login successes or failures, using IPv6, checks using the
"-i" option for /usr/bin/last or /usr/bin/lastb do not display the
correct IP address.
it appears to be reporting the ipv6 address "fc00:dead::2", or "fc00:dead::3"
ass the same address, namely
252.0.222.173
i believe the logged address has stripped "fc", "00", "de", and "ad"
(and nothing else) from the first 32 bits of the address, then
converted each hex unit to decimal, and logged them in dotted-quad
(IPv4) addresses.
while not directly a security vulnerability, last and lastb are vital
tools for monitoring the login activity on systems.
regards,
sff
-----------------------
1) Description: Ubuntu 14.04.3 LTS
Release: 14.04
2) apt-cache policy sysvinit-utils
sysvinit-utils:
Installed: 2.88dsf-41ubuntu6.2
Candidate: 2.88dsf-41ubuntu6.2
Version table:
*** 2.88dsf-41ubuntu6.2 0
500 http://us.archive.ubuntu.com/ubuntu/ trusty-updates/main amd64
Packages
100 /var/lib/dpkg/status
2.88dsf-41ubuntu6 0
500 http://us.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages
3) i expect the full IPv6 address (in v6 notation) written, when applicable,
for "-i" output from last, and lastb
4) non-unique IPv4 addresses are reported instead of the correct ipv6 address.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sysvinit/+bug/1501538/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
