Public disclosure of all usernames/idents via port 113

Low
brunnre8 published GHSA-g49q-jw42-6x85 May 9, 2024

Package

No package listed

Affected versions

all

Patched versions

master

Description

Per RFC 1413, the unique identifying tuple includes not only the ports
but also both addresses. Without the addresses, the information
becomes both non-unique and public:

  • If multiple connections happen to use the same local port number
    (which is possible if the addresses differ), the username of the first
    is returned for all, resulting in the wrong ident for all but the
    first.
  • By not checking the connection address, the information becomes
    public. Because there is only a relatively small number of local ports,
    and the remote ports are likely to be either 6667 or 6697, it becomes
    trivial to scan the entire range to get a list of idents.

To prevent this from happening, disable identd or upgrade to a non-vulnerable version.
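The address check described above, sketched as an added example (not the project's own code): the ident table is keyed on the full tuple, so a query is answered only when it arrives on the connection's local address and comes from the connection's remote address. All names (`IdentTable`, `answerQuery`, `querySock`) and the sample addresses are assumptions made for illustration.

```javascript
// Added example; all names and addresses are hypothetical or constructed.

// Dual-stack listeners can report IPv4 peers as "::ffff:a.b.c.d"; normalise
// so one host compares equal on the IRC socket and on the ident socket.
function normAddr(addr) {
  return addr.toLowerCase().replace(/^::ffff:(?=\d+\.\d+\.\d+\.\d+$)/, "");
}

// Key on the full RFC 1413 tuple, not on the port pair alone.
function tupleKey(c) {
  return [normAddr(c.localAddr), c.localPort, normAddr(c.remoteAddr), c.remotePort].join("|");
}

class IdentTable {
  constructor() {
    this.byTuple = new Map();
  }
  // conn: {localAddr, localPort, remoteAddr, remotePort} of an outgoing IRC connection
  add(conn, user) {
    this.byTuple.set(tupleKey(conn), user);
  }
  remove(conn) {
    this.byTuple.delete(tupleKey(conn));
  }
}

// Parse an ident request line "<local port> , <remote port>".
function parseQuery(line) {
  const m = /^\s*(\d{1,5})\s*,\s*(\d{1,5})\s*$/.exec(line);
  if (!m) return null;
  const ports = [Number(m[1]), Number(m[2])];
  return ports.every((p) => p >= 1 && p <= 65535) ? ports : null;
}

// querySock is the port 113 connection itself: localAddr is the address the
// query arrived on, remoteAddr is the host asking.
function answerQuery(table, querySock, line) {
  const ports = parseQuery(line);
  if (!ports) return "0, 0 : ERROR : INVALID-PORT"; // "0, 0" echo is this example's choice
  const [lport, rport] = ports;
  const user = table.byTuple.get(tupleKey({ ...querySock, localPort: lport, remotePort: rport }));
  const result = user ? `USERID : UNIX : ${user}` : "ERROR : NO-USER";
  return `${lport}, ${rport} : ${result}`;
}

// Constructed sample: two connections share local port 40000 on different local addresses.
const table = new IdentTable();
table.add({ localAddr: "192.0.2.10", localPort: 40000, remoteAddr: "203.0.113.5", remotePort: 6697 }, "alice");
table.add({ localAddr: "192.0.2.11", localPort: 40000, remoteAddr: "203.0.113.5", remotePort: 6697 }, "bob");
```

With the sample table, the same port pair resolves to a different ident depending on the local address, and a query from any host other than the connection's remote address gets `NO-USER`.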

Severity

Low

CVE ID

No known CVE

Weaknesses

No CWEs

Credits