On Tue, Aug 18, 2015 at 5:03 AM, intrigeri <intrig...@boum.org> wrote:
> pretty-in-p...@safe-mail.net wrote (13 Aug 2015 16:02:50 GMT) :
>> Can you please follow this thread and update Wget for the next version of
>> Tails?
>
>> Topic: [Bug-wget] FTP PORT command code in v1.16.3?
>
>> https://lists.gnu.org/archive/html/bug-wget/2015-08/msg00020.html
>
>> I haven't performed any sniffing attempts on my network, but apparently
>> others have on theirs.
>
> I've had a look, and indeed it seems that in the context of Tails this
> could mean leaking the network adapter's IP address (i.e. in most
> cases an RFC-1918 one, but let's not count on that) in packets at the
> application layer.
>
> Could you please check:
>
> 1. if this is worth a CVE ID
> 2. if the proposed patchset applies on top of Debian Wheezy's wget
The patch has been applied upstream:
http://git.savannah.gnu.org/cgit/wget.git/commit/?id=075d7556964f5a871a73c22ac4b69f5361295099

It does not apply cleanly to 1.16.3, conflicting on tests. The source changes, however, apply without conflict; I've attached that diff.

--
-Austin
commit 075d7556964f5a871a73c22ac4b69f5361295099 Author: Tim Rühsen <tim.rueh...@gmx.de> Date: Tue Aug 11 16:48:08 2015 +0200 Fix IP address exposure in FTP code * src/ftp.c (getftp): Do not use PORT when PASV fails. * tests/FTPServer.px: Add pasv_not_supported server flag. * tests/Makefile.am: Add Test-ftp-pasv-not-supported.px * tests/Test-ftp-pasv-not-supported.px: New test Fix IP address exposure when automatically falling back from passive mode to active mode (using the PORT command). A behavior that may be used to expose a client's privacy even when using a proxy. diff --git a/src/ftp.c b/src/ftp.c index 68f1a33..9dab99c 100644 --- a/src/ftp.c +++ b/src/ftp.c @@ -252,7 +252,6 @@ getftp (struct url *u, wgint passed_expected_bytes, wgint *qtyread, char *respline, *tms; const char *user, *passwd, *tmrate; int cmd = con->cmd; - bool pasv_mode_open = false; wgint expected_bytes = 0; bool got_expected_bytes = false; bool rest_failed = false; @@ -883,13 +882,19 @@ Error in server response, closing control connection.\n")); ? CONERROR : CONIMPOSSIBLE); } - pasv_mode_open = true; /* Flag to avoid accept port */ if (!opt.server_response) logputs (LOG_VERBOSE, _("done. ")); - } /* err==FTP_OK */ - } + } + else + return err; - if (!pasv_mode_open) /* Try to use a port command if PASV failed */ + /* + * We do not want to fall back from PASSIVE mode to ACTIVE mode ! + * The reason is the PORT command exposes the client's real IP address + * to the server. Bad for someone who relies on privacy via a ftp proxy. + */ + } + else { err = ftp_do_port (csock, &local_sock); /* FTPRERR, WRITEFAILED, bindport (FTPSYSERR), HOSTERR, 
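Review bot: in the second hunk of src/ftp.c the explanatory comment ("We do not want to fall back from PASSIVE mode to ACTIVE mode ...") is placed after the `} else return err;` it justifies, sitting between the closing brace and the `else` of the outer branch, so a reader meets the early return before the reason for it; move the comment directly above `else return err;` and tidy the wording ("ACTIVE mode!", "an FTP proxy"). The bare `return err;` also drops the previous behaviour silently: a user with PASV enabled whose server rejects PASV now gets a failed transfer with no message saying that active mode is deliberately not attempted. A `logputs` before the return, and a sentence in the documentation of the passive-FTP option stating that wget no longer falls back to PORT, would make the change visible to users and to the Tails/Debian packagers who need to explain it.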
@@ -1148,8 +1153,8 @@ Error in server response, closing control connection.\n")); } /* If no transmission was required, then everything is OK. */ - if (!pasv_mode_open) /* we are not using pasive mode so we need - to accept */ + if (!opt.ftp_pasv) /* we are not using passive mode so we need + to accept */ { /* Wait for the server to connect to the address we're waiting at. */
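Review bot: replacing `!pasv_mode_open` with `!opt.ftp_pasv` at the accept step is only equivalent to the old code if the PASV branch above is entered exactly when `opt.ftp_pasv` is set and every failure inside it leaves getftp (the `else return err;` added in the previous hunk covers the `err != FTP_OK` case, and the CONERROR/CONIMPOSSIBLE path shown there already returns). Please confirm there is no remaining exit from that branch that reaches this point with `opt.ftp_pasv` set but no PASV data connection open, since the accept would then wait on a `local_sock` that was never bound. The comment spelling fix ("pasive" to "passive") is fine.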
_______________________________________________
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.