https://bugzilla.mindrot.org/show_bug.cgi?id=1457
--- Comment #9 from Ian Donaldson <[email protected]> ---

Ok agreed, my patch reopens that CVE.

The problem is that on Solaris 9 and Solaris 10 if you don't have IPv6 addresses configured, getaddrinfo() returns both AF_INET and AF_INET6 entries, and it returns AF_INET6 *first*.

An attempted bind() to an AF_INET6 address on a system without IPv6 addresses configured returns EADDRNOTAVAIL, and the distributed code will not try the AF_INET (IPv4) bind at all; my patch allows it to continue on, but as you say that creates a potential security issue.

What probably should happen in this code is that the bind result should be checked for EADDRNOTAVAIL error and not consider that a bail-out case; keep going anyway with other bind attempts; and that way an IPv4 only system will be happy and bind there.

Anyway a workaround on such systems is to set this in sshd_config

    AddressFamily inet

so I've undone my change and done that instead.

Case closed I guess.
