Project

General

Profile

Actions

Bug #1583

closed

IPv6 IPs with :: trigger DNS rebinding

Added by Chris Buechler over 13 years ago. Updated over 12 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Web Interface
Target version:
Start date:
06/05/2011
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.1-IPv6
Affected Architecture:

Description

When browsing to an IPv6 IP containing :: the DNS rebinding check is triggered as the :: causes part of the IP to be dropped before it's checked.

On line 66 in auth.inc, [2101:170:f2f2:1::2] becomes only 2101:170:f2f2:1: where it should be 2101:170:f2f2:1::2.

Actions

Also available in: Atom PDF