On Sun, 19 Jun 2016 02:02:43 +1000, Steven D'Aprano wrote:

> On Sat, 18 Jun 2016 01:52 pm, Random832 wrote:
>
>> On Fri, Jun 17, 2016, at 21:00, Steven D'Aprano wrote:
>>> The author doesn't go into details of what sort of attacks against
>>> localhost they're talking about. An unauthenticated service running on
>>> localhost implies, to me, a single-user setup, where presumably the
>>> single user has admin access to localhost. So I'm not really sure what
>>> "risk" they have
>>
>> The issue - especially clearly in this context, which demonstrates a
>> working exploit for this vulnerability - is cross-site request forgery.
>> Which doesn't technically require the victim service to be HTTP (I
>> remember a proof of concept a while back which would trick a browser
>> into connecting to an IRC server), so long as it can ignore HTTP
>> headers.
>
> Er, you may have missed that I'm talking about a single-user setup. Are
> you suggesting that I can't trust myself not to forge a request that
> goes to a hostile site?
>
> It's all well and good to say that the application is vulnerable to
> X-site attacks, but how does that relate to a system where I'm the only
> user?
One possible reason I can think of is that if, for whatever reason, your computer is infected by malware, that malware could make use of the service.

-- 
"The only way for a reporter to look at a politician is down."
-- H.L. Mencken

-- 
https://mail.python.org/mailman/listinfo/python-list
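The cross-site request forgery point Random832 raises above is the one worth pinning down in code: a browser on the single user's own machine will happily deliver a POST to 127.0.0.1 on behalf of any web page the user visits, so "I'm the only user" does not mean "only my requests reach the port". The following is an added example, not code from the thread or from any project discussed in it. It shows a minimal localhost HTTP service's authorization decision in its naive form next to a hardened form that checks the Host and Origin headers and requires a per-process secret. The port number, header name X-Service-Token, the helper names, and the idea that the legitimate local client learns the token out of band are all my assumptions for illustration.

```python
"""Added example: CSRF exposure of an unauthenticated localhost HTTP service,
with a hardened authorization check beside the naive one.

Assumptions (mine, not from the thread): the service listens on
127.0.0.1:8765, browsers send Host and (for cross-origin writes) Origin
headers as current browsers do, and the legitimate local client obtains
SERVICE_TOKEN out of band (for example from a file only the user can read).
"""
import secrets
from http.server import BaseHTTPRequestHandler, HTTPServer

LOCAL_PORT = 8765  # assumed port for the illustration
ALLOWED_HOSTS = {f"127.0.0.1:{LOCAL_PORT}", f"localhost:{LOCAL_PORT}"}

# Fresh secret per process; the local client must present it on each request.
SERVICE_TOKEN = secrets.token_urlsafe(32)


def naive_authorize(headers):
    """Vulnerable form: every request that reaches the port is trusted.

    A page on an attacker's site can run
        fetch("http://127.0.0.1:8765/run", {method: "POST", mode: "no-cors"})
    and the victim's browser delivers it; no cookies or login are needed,
    because the service never asked for any.
    """
    return True


def hardened_authorize(headers, token=None):
    """Hardened form. `headers` is a mapping of header names to values
    (case-insensitive). Returns (allowed, reason)."""
    h = {k.lower(): v for k, v in headers.items()}
    expected = token if token is not None else SERVICE_TOKEN

    # 1. Host check: defeats DNS rebinding, where attacker.example resolves to
    #    127.0.0.1 after the first lookup but the Host header still names the
    #    attacker's domain.
    host = h.get("host", "")
    if host not in ALLOWED_HOSTS:
        return False, f"unexpected Host: {host!r}"

    # 2. Origin check: browsers attach Origin to cross-origin POSTs/fetches
    #    (or "null" in some cases). A local script such as curl or requests
    #    normally sends no Origin at all, so absence is acceptable here.
    origin = h.get("origin")
    if origin is not None and origin.split("://", 1)[-1] not in ALLOWED_HOSTS:
        return False, f"cross-origin request from {origin!r}"

    # 3. Shared secret in a custom header. A page cannot forge this without
    #    knowing the token, and a custom header also forces a CORS preflight,
    #    which this service never approves. compare_digest avoids timing leaks.
    sent = h.get("x-service-token", "")
    if not sent or not secrets.compare_digest(sent, expected):
        return False, "missing or wrong token"

    return True, "ok"


class Handler(BaseHTTPRequestHandler):
    """Only the hardened check is wired up; naive_authorize is kept for contrast."""

    def do_POST(self):
        allowed, reason = hardened_authorize(self.headers)
        if not allowed:
            self.send_error(403, reason)
            return
        self.send_response(200)
        self.end_headers()
        self.wfile.write(b"action performed\n")


if __name__ == "__main__":
    print("service token:", SERVICE_TOKEN)
    HTTPServer(("127.0.0.1", LOCAL_PORT), Handler).serve_forever()
```

Run it, then compare `curl -X POST -H "X-Service-Token: <token>" http://127.0.0.1:8765/run` (200) against a POST from a page on another origin (403, and the browser's preflight for the custom header fails before the body is even sent). The Host check matters on its own: without it, a DNS-rebinding page is same-origin from the browser's point of view and sends no Origin header at all.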