[possible DoS] Sending a bad request to port 631 (answers a normal HTTP 400) keeps the connection open #17

Closed
michaelrsweet opened this issue Apr 11, 2003 · 3 comments

Comments

@michaelrsweet
Collaborator

Version: 1.1.17
CUPS.org User: evi.smokingcube

When somebody telnets to port 631 and sends a bad request (whatever code), it answers as it should with:

<TITLE>400 Bad Request</TITLE>

Bad Request

Bad Request

But it doesn't disconnect the client (it just does nothing). It should give a "Connection closed by foreign host" (as other webservers do).

When I kill the telnet session with a kill command and run netstat -a on that machine I see:

tcp 35 0 D57611F7.kabel.tele:ipp D57611F7.kabel.te:32930 CLOSE_WAIT

When I let the telnet session end by itself by sending a '^]' char, then 'quit', this shows up in netstat:

tcp 0 0 D57611F7.kabel.te:32931 D57611F7.kabel.tele:ipp FIN_WAIT2

Now the biggest problem: it just stays there in netstat, it doesn't disappear, so actually it's not ending the sessions (it does after a certain timeout, but it takes a remote port every time). I didn't put this in a loop, but if somebody puts it in a loop it possibly should fill up the netstat table and possibly use all ports so other people can't use those ports anymore. Anyway, it should kill the connection immediately instead of just doing nothing.
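The condition in the report above can be watched for from the server side by counting half-closed sockets on the IPP port in `netstat -a` output. The following is an added example, not part of the original report or of the CUPS code base; the function names, the alert limit and all sample rows other than the two lines quoted in the report are assumptions constructed for illustration.

```python
from collections import Counter

IPP_PORTS = {"ipp", "631"}            # netstat prints the service name unless run with -n
HALF_CLOSED = {"CLOSE_WAIT", "FIN_WAIT2"}


def half_closed_ipp(netstat_text):
    """Count half-closed TCP sockets that involve the IPP port.

    Returns a Counter keyed by (side, state): side is "server" when the local
    endpoint is the IPP port and "client" when the remote endpoint is.
    """
    counts = Counter()
    for line in netstat_text.splitlines():
        fields = line.split()
        # Expected columns: proto recv-q send-q local remote state
        if len(fields) != 6 or not fields[0].startswith("tcp"):
            continue
        state = fields[5]
        if state not in HALF_CLOSED:
            continue
        local_port = fields[3].rsplit(":", 1)[-1]
        remote_port = fields[4].rsplit(":", 1)[-1]
        if local_port in IPP_PORTS:
            counts[("server", state)] += 1
        elif remote_port in IPP_PORTS:
            counts[("client", state)] += 1
    return counts


def over_threshold(counts, limit):
    """True when server-side CLOSE_WAIT sockets exceed limit (an assumed tuning value)."""
    return counts[("server", "CLOSE_WAIT")] > limit


# Constructed sample: the two lines quoted in the report plus three made-up rows.
SAMPLE = """\
tcp 35 0 D57611F7.kabel.tele:ipp D57611F7.kabel.te:32930 CLOSE_WAIT
tcp 0 0 D57611F7.kabel.te:32931 D57611F7.kabel.tele:ipp FIN_WAIT2
tcp 0 0 0.0.0.0:631 0.0.0.0:* LISTEN
tcp 12 0 192.0.2.10:631 192.0.2.77:40112 CLOSE_WAIT
tcp 0 0 192.0.2.10:22 192.0.2.77:40200 ESTABLISHED
"""

if __name__ == "__main__":
    result = half_closed_ipp(SAMPLE)
    for (side, state), n in sorted(result.items()):
        print(f"{side:6} {state:10} {n}")
    print("alert:", over_threshold(result, limit=1))
```

A server-side CLOSE_WAIT count that keeps growing means the daemon has received the peer's FIN but has not closed its own end, which is the behaviour the report describes.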
@michaelrsweet
Collaborator Author

CUPS.org User: mike

Can you test this against 1.1.19rc1 and let me know if the problem remains? The current code should timeout in 30 to 300 seconds depending on where the request is "broken".

@michaelrsweet
Collaborator Author

CUPS.org User: mike

This STR will be closed without resolution if we do not receive a response by May 2nd.

Please let us know if you have tried 1.1.19 and if the problem has been fixed.

@michaelrsweet
Collaborator Author

CUPS.org User: mike

Closed due to no response from user.
