Opened 12 years ago

Closed 12 years ago

Last modified 12 years ago

#1810 closed Bug (fixed)

DoS vulnerability wrt incoming connections

Reported by: titer Owned by: charles
Priority: Normal Milestone: 1.50
Component: libtransmission Version: 1.41
Severity: Blocker Keywords:
Cc:

Description

Transmission does not seem to enforce a timeout on incoming connections, which you can easily verify with something like "telnet localhost <T's listening port>": the connection stays open indefinitely, and this makes T prone to DoS.

This may even happen in normal usage, e.g. I have seen the UI report only 8 incoming peers, while netstat is showing over 80 established incoming connections, most of them being idle.

Seen with an r7880 build out of the 1.5x branch.
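The missing control described in this ticket, as an added example that is not Transmission's code and not the change made in r7883/r7884: one monotonic deadline covering the whole handshake read, so a peer that connects and stays silent, or trickles a few bytes, is dropped instead of holding a connection slot. The function names, result codes and timeout values are assumptions; 68 is the BitTorrent handshake length, and the peers are constructed over a local socketpair.

```c
/* Added example, not Transmission's code. Names, result codes and the
 * timeout passed by the caller are assumptions made for illustration. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <poll.h>
#include <sys/socket.h>
#include <time.h>
#include <unistd.h>

#define HANDSHAKE_LEN 68  /* BitTorrent handshake size in bytes */
enum { HS_OK = 0, HS_TIMEOUT = -1, HS_CLOSED = -2 };

static long now_ms(void) {
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return ts.tv_sec * 1000L + ts.tv_nsec / 1000000L;
}

/* Read exactly len bytes or give up once the overall deadline passes.
 * A per-read timeout would restart on every trickled byte; this does not. */
int read_handshake(int fd, unsigned char *buf, size_t len, long timeout_ms) {
    long deadline = now_ms() + timeout_ms;
    size_t got = 0;
    while (got < len) {
        long left = deadline - now_ms();
        if (left <= 0) return HS_TIMEOUT;
        struct pollfd p = { .fd = fd, .events = POLLIN };
        int r = poll(&p, 1, (int)left);
        if (r == 0) return HS_TIMEOUT;
        if (r < 0) { if (errno == EINTR) continue; return HS_CLOSED; }
        ssize_t n = read(fd, buf + got, len - got);
        if (n == 0) return HS_CLOSED;
        if (n < 0) { if (errno == EINTR || errno == EAGAIN) continue; return HS_CLOSED; }
        got += (size_t)n;
    }
    return HS_OK;
}

/* Constructed peer over a socketpair: sends `sent` bytes (at most
 * HANDSHAKE_LEN), then stays idle while the listener side reads. */
int demo_peer(size_t sent, long timeout_ms) {
    int sv[2];
    unsigned char out[HANDSHAKE_LEN] = {0}, in[HANDSHAKE_LEN];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return HS_CLOSED;
    ssize_t w = sent ? write(sv[1], out, sent) : 0;
    int rc = (w == (ssize_t)sent) ? read_handshake(sv[0], in, sizeof in, timeout_ms) : HS_CLOSED;
    close(sv[0]);  /* on HS_TIMEOUT the listener frees the slot like this */
    close(sv[1]);
    return rc;
}
```

`demo_peer(0, 100)` models the idle telnet session from the description, and `demo_peer(10, 100)` a peer that sends part of a handshake and then stalls; both end in `HS_TIMEOUT` rather than an open-ended wait.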

Change History (4)

comment:1 Changed 12 years ago by charles

  • Component changed from Transmission to libtransmission
  • Owner set to charles
  • Status changed from new to assigned

Confirmed.

comment:2 Changed 12 years ago by charles

  • Milestone changed from None Set to 1.50
  • Resolution set to fixed
  • Status changed from assigned to closed
  • Version changed from 1.42+ to 1.41

Fixed in trunk in r7883

Fixed in 1.5x branch in r7884

comment:3 Changed 12 years ago by charles

This was introduced with the bandwidth rewrite. "telnet localhost <T's listening port>" appears to stay open indefinitely in 1.42 as well. (at least, stayed open for the 15 minutes that I tested)

comment:4 Changed 12 years ago by charles

  • Severity changed from Normal to Blocker