View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0002546 | 10000-002: Security | Spec | public | 2013-07-24 06:32 | 2015-07-28 16:50 |
| Reporter | Randy Armstrong | Assigned To | Paul Hunkar | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Target Version | 1.03 | Fixed in Version | 1.03 | ||
| Summary | 0002546: Add comment about this DOS vulnerability | ||||
| Description | This Service can be used without security and it is therefore vulnerable to Denial Of Service (DOS) attacks. A Server should minimize the amount of processing required to send the response for this Service. This can be achieved by preparing the result in advance. | ||||
| Additional Information | Security issue? Iām thinking Part2 will need to have text added to describe security risks and how to mitigate them from a discover point of view? Rogue machines register Maybe IGMP to help restrict this? | ||||
| Tags | No tags attached. | ||||
| Commit Version | |||||
| Fix Due Date | |||||
|
|
Added text to describe rouge server/client and discovery server - added text describing action etc. |
|
|
Agreed to changes edited in telecon. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2013-07-24 06:32 | Randy Armstrong | New Issue | |
| 2013-08-13 17:02 | Jim Luth | Status | new => assigned |
| 2013-08-13 17:02 | Jim Luth | Assigned To | => Paul Hunkar |
| 2014-08-19 17:23 | Jim Luth | Category | (No Category) => Spec |
| 2014-08-19 17:23 | Jim Luth | Target Version | => 1.03 |
| 2015-06-23 13:49 | Paul Hunkar | Note Added: 0006160 | |
| 2015-06-23 13:49 | Paul Hunkar | Status | assigned => resolved |
| 2015-06-23 13:49 | Paul Hunkar | Fixed in Version | => 1.03 |
| 2015-06-23 13:49 | Paul Hunkar | Resolution | open => fixed |
| 2015-07-28 16:50 | Jim Luth | Note Added: 0006284 | |
| 2015-07-28 16:50 | Jim Luth | Status | resolved => closed |
