#152 Error in documentation leading to possible security issue.

Driver (56)

The documentation refers to the http server running on only, however doing a netstat -anp will
show this..
"tcp 0 0* LISTEN -"

This shows that there is a listen for tcp 5555 on ALL
interface, and will accept any source.

I believe the error in code is in HttpServer.cpp line186

"server.sin_addr.s_addr = INADDR_ANY;"

I believe it should read

"server.sin_addr.s_addr = inet_addr('');"

I also verified there was no other code for source IP
checking - there isn't as verified by
and ips and as well as misc internet ips.

This should be fixed on the listening line to prevent
possible overflow problems with refusing connections
past the listening state. An alternative would be to
make the listen address selectable by the user.
Personally I would preffer this approach as I am using
peerguardian on my linux transparent brouter/firewall.

Also on a related front, it should be possible to have
pg interface to the FORWARD chain as with out this is
will not filter routed packets.. which in the case of a
router with would be desired. I've already accomplished
this via my own hack to the source code.


  • jre-phoenix

    In an effort to make this tracker usable again, this report is closed.

    If this report relates to the PeerGuardian Windows application, you
    may try PeerBlock instead: http://www.peerblock.com.

    If this report relates to an IP that is blocked or not blocked: The
    blocklists are maintained by http://www.bluetack.co.uk and

    If this report is about failed blocklist downloads. Check out
    http://iblocklist.com, this site offers reliable downloads of all