[Bug 280705] 0.0.0.0/32 is equivalent to 127.0.0.1/32, which may be considered a security flaw
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 09 Aug 2024 23:05:34 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=280705 --- Comment #5 from Eirik Oeverby <ltning-freebsd@anduin.net> --- (In reply to paul vixie from comment #4) I don't think that's a concern any longer, is it? The reason I'm even reporting this as a bug (and not simply leaving it to browser vendors to fix since that's how this surfaced now) is how it completely blindsides anyone who might come across it, and I would not be surprised if a plethora of new attack vectors - having nothing to do with browsers - crop up in the near future. I don't have a firm understanding of how bad it might be, but it might be worth a security advisory. Then again, I might be seeing ghosts in broad daylight. (Well, a ghost it is, I guess..) -- You are receiving this mail because: You are the assignee for the bug.