Bug #10365: Investigate if Nautilus / Tor Browser are vulnerable to FTP IP address leaks

Bug #10365

Investigate if Nautilus / Tor Browser are vulnerable to FTP IP address leaks

Added by hybridwipe 2015-10-13 08:28:01 . Updated 2018-01-19 17:40:23 .

Status:

Confirmed

Priority:

Normal

Assignee:

hybridwipe

Category:

Target version:

Start date:

2015-10-13

Due date:

% Done:

Feature Branch:

Type of work:

Security Audit

Blueprint:

Starter:

Affected tool:

Deliverable for:

Description

See ~~Bug #10364~~ for some background.

wget had a bug that could expose the user’s IP address when using FTP in some situations. This ticket is to investigate if Nautilus and/or Tor Browser have that vulnerability.

Subtasks

Related issues

Copied from Tails - ~~Bug #10364~~: wget may expose user IP address with FTP protocol (CVE-2015-7665)

Resolved

2015-10-13

History

#1 Updated by hybridwipe 2015-10-13 08:28:01

copied from ~~Bug #10364~~: wget may expose user IP address with FTP protocol (CVE-2015-7665) added

#2 Updated by intrigeri 2016-02-10 17:23:44

hybridwipe, are you interested in checking this?

#3 Updated by intrigeri 2016-02-10 17:24:11

Status changed from New to Confirmed
Type of work changed from Research to Security Audit

#4 Updated by hybridwipe 2016-02-12 07:28:56

Assignee set to hybridwipe

I had some trouble setting up an externally visible FTP server a while back, but since it seems no one else is interested, I’ll take another look at it.

#5 Updated by intrigeri 2016-02-12 12:22:17

> I’ll take another look at it.

Thanks!

#6 Updated by Anonymous 2018-01-19 17:40:23

@hybridwipe: are you still interested in doing this?