[Twisted-Python] Security issue in SOCKS and Webcoil

Itamar Shtull-Trauring twisted at itamarst.org
Mon Feb 25 05:29:57 EST 2002


Both of these, when set up using mktap or coil, listen on all interfaces. 
So running a mktap-generated SOCKS on a firewall means anyone can access 
your internal network, and running coil means anyone can set up a telnet 
python shell or SOCKS proxy remotely.

So, changes we need to make:
SOCKS tap should allow configuring interfaces it will run on.
COIL should allow configuring which interfaces a server can run on, not 
just which ports.
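
An added example, not part of the original post or of Twisted: a small audit that parses `ss -ltn` output and flags listeners bound to all interfaces, which is the exposure the message describes. The sample rows, port numbers and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -ltn` output (not taken from the original post).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128          0.0.0.0:1080       0.0.0.0:*
LISTEN 0      128        127.0.0.1:9080       0.0.0.0:*
LISTEN 0      128             [::]:8023          [::]:*
LISTEN 0      128    127.0.0.53%lo:53         0.0.0.0:*
LISTEN 0      50       192.168.1.5:4040       0.0.0.0:*
LISTEN 0      128            [::1]:631           [::]:*
"""


def classify(host):
    """Return 'all-interfaces', 'loopback' or 'specific' for a bind address."""
    host = host.split("%")[0].strip("[]")  # drop %scope, then IPv6 brackets
    if host == "*":                        # ss prints * for a dual-stack wildcard
        return "all-interfaces"
    addr = ipaddress.ip_address(host)
    if addr.is_unspecified:                # 0.0.0.0 or ::
        return "all-interfaces"
    return "loopback" if addr.is_loopback else "specific"


def audit(ss_output):
    """Return (port, bind_host, classification) for every LISTEN row."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue                       # header or non-listening row
        host, _, port = fields[3].rpartition(":")
        findings.append((int(port), host, classify(host)))
    return findings


def exposed_ports(ss_output):
    """Ports reachable on every interface, i.e. the ones to review first."""
    return sorted(p for p, _, kind in audit(ss_output) if kind == "all-interfaces")


if __name__ == "__main__":
    for port, host, kind in audit(SAMPLE_SS):
        print(f"{port:>5}  {host:<16} {kind}")
```
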




