Opened 10 years ago

Closed 9 years ago

#1082 closed defect (wontfix)

Information leaks

Reported by: loafier Owned by: loafier
Priority: Low Milestone:
Component: Polipo Version: 1.0
Severity: Keywords:
Cc: loafier, arma Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description (last modified by phobos)

Polipo adds the hostname, listening port, and local time in the footer
of error messages. An adversary might be able to gather this information
in a script and use it to narrow down the identity of the user.

http://pseudo-flaw.net/content/defcon/dc-17-demos/

There may be other areas where Polipo leaks information.

[Automatically added by flyspray2trac: Operating System: All]

Child Tickets

Change History (1)

comment:1 Changed 9 years ago by phobos

Description: modified (diff)
Resolution: Nonewontfix
Status: newclosed

Juliusz has taken over polipo maintenance again. He's asked the authors of existing bugs to email them to his mailing list at https://lists.sourceforge.net/lists/listinfo/polipo-users

Note: See TracTickets for help on using tickets.