© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
To DarkMageZ,
The vulnerability is not in Ubuntu, but in the router a user uses. As far as I understand it, the router believes that the information being passed through it is an instruction for it, and so attempts to interpret it. Failing, it dies and closes the connection.
The vulnerability does not exist on any port other than 6667, and so your worry about attackers doing this on 8001 is impossible.
Yes, the "real" solution is for the router manufacturers to fix their firmware, and for users to download and install this firmware. However this hasn't happened in the past couple of years, and so probably won't be happening any time soon. As explained in the original post, it would be beneficial to both end users, and the support community in #ubuntu (and other channels) if this is not an issue otb, and users don't have to go through the hassle of #ubuntu-read-topic.