Possible DoS attack from Unknown (cups)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cups (Ubuntu) |
Triaged
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: cups
1.4.3-1ubuntu1.3
I have witnessed several times in cups logs the following completely unhelpful error:
"Possible DoS attack - more than 10 clients connecting from !"
First, the most obvious omission is that whatever variable is supposed to be identifying the attacker is not working. This makes finding the trigger user/machine nearly impossible on the face of it.
I'm also concerned about what effect this feature may be having on the operation of the server. It does not appear to be an optional feature, and without any means to identify the trigger cause, I would prefer to disable it rather than risk it interfering with the availability of a server under heavy legitimate use.
Issue filed with cups: http://
The cups bug you link to says it got fixed in 1.5 and later 1.4; since QUantal has 1.6.x I'm marking as fix released.
This is a significant bug in Ubuntu. If you need a fix for the bug in previous versions of Ubuntu, please do steps 1 and 2 of the SRU Procedure [1] to bring the need to a developer's attention.
[1]: https:/ /wiki.ubuntu. com/StableRelea seUpdates# Procedure