You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cloudstack.apache.org by "Chip Childers (JIRA)" <ji...@apache.org> on 2013/06/04 20:55:49 UTC

[jira] [Updated] (CLOUDSTACK-244) RPC port on SSVM is open on all interfaces

     [ https://issues.apache.org/jira/browse/CLOUDSTACK-244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Chip Childers updated CLOUDSTACK-244:
-------------------------------------

    Fix Version/s:     (was: 4.1.0)
                   4.2.0
    
> RPC port on SSVM is open on all interfaces
> ------------------------------------------
>
>                 Key: CLOUDSTACK-244
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-244
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Install and Setup
>    Affects Versions: 4.0.0
>            Reporter: Clement Chen
>             Fix For: 4.2.0
>
>
> SSVM has rpc portmap services listening on all interfaces. Especially on the public interface, it poses an attack entry point. We should limit the interface the rpc.portmap service is listening on.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira