Package: gkrellmd Version: 2.2.5-1.3 Severity: grave Justification: user security hole
When I add a "allow-host 127.0.0.1" line to gkrellmd.conf I can connect to the server from anywhere included a computer which has nothing to do with the server. allow-host localhost seems ok. allow-host ip where ip<>127.0.0.1 seem ok as well But allow-host 127.0.0.1 makes a big hole. The server's ip is 138.195.156.146 but I can even connect from my home where I've got a dynamic ip. I use IPv6. (Does it have any relationship to the problem ?) Thx. -- System Information: Debian Release: 3.1 Architecture: i386 (i586) Kernel: Linux 2.6.14-grsec Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages gkrellmd depends on: ii gkrellm-common 2.2.5-1.3 multiple stacked system monitors: ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an ii libglib2.0-0 2.6.4-1 The GLib library of C routines -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
