Date: Fri, 09 Aug 2024 23:05:34 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 280705] 0.0.0.0/32 is equivalent to 127.0.0.1/32, which may be considered a security flaw Message-ID: <bug-280705-7501-ShMu19WydA@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-280705-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-280705-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280705 --- Comment #5 from Eirik Oeverby <ltning-freebsd@anduin.net> --- (In reply to paul vixie from comment #4) I don't think that's a concern any longer, is it? The reason I'm even reporting this as a bug (and not simply leaving it to browser vendors to fix since that's how this surfaced now) is how it comple= tely blindsides anyone who might come across it, and I would not be surprised if= a plethora of new attack vectors - having nothing to do with browsers - crop = up in the near future.=20 I don't have a firm understanding of how bad it might be, but it might be w= orth a security advisory. Then again, I might be seeing ghosts in broad daylight. (Well, a ghost it is, I guess..) --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-280705-7501-ShMu19WydA>