[ubuntu-mono] [Bug 1861166] [NEW] XSP server listens on 0.0.0.0 by default, autostarted on package install
Adam Piggott
1861166 at bugs.launchpad.net
Tue Jan 28 15:44:13 UTC 2020
Public bug reported:
I installed mono-complete 5.18.0.240+dfsg-3 on Ubuntu 19.10 as a user,
rather than a coder (to use plugins for the password manager KeePass). I
then noticed that monodoc-http 4.2-3 seems to have configured a web
server (XSP4) to autostart and listen on port 8084 on 0.0.0.0. This
might be considered a security risk and perhaps the server autostarting
might not be considered ideal.
** Affects: mono-tools (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
CLI/Mono Uploaders, which is subscribed to mono-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1861166
Title:
XSP server listens on 0.0.0.0 by default, autostarted on package
install
Status in mono-tools package in Ubuntu:
New
Bug description:
I installed mono-complete 5.18.0.240+dfsg-3 on Ubuntu 19.10 as a user,
rather than a coder (to use plugins for the password manager KeePass).
I then noticed that monodoc-http 4.2-3 seems to have configured a web
server (XSP4) to autostart and listen on port 8084 on 0.0.0.0. This
might be considered a security risk and perhaps the server
autostarting might not be considered ideal.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mono-tools/+bug/1861166/+subscriptions
More information about the Ubuntu-mono
mailing list