https://bugzilla.novell.com/show_bug.cgi?id=680298
https://bugzilla.novell.com/show_bug.cgi?id=680298#c11
--- Comment #11 from Marius Tomaschewski
Security relevant? http://thread.gmane.org/gmane.comp.security.oss.general/4820
To answer the question in this thread: The OMAPI port is disabled by default. It is used to _manage_ the server, e.g. trigger failover in failover setups, changing interal states or also define new in-memory objects (e.g. a lease) or even shut down a server or a failover node. Basically it allows to "modify" the internal server state at runtime. It should be *never* open "for public use", e.g. to some users. Of course, the action causes 100% CPU use, what affects the system and the DHCP service itself, so it is a kind of DoS as any other 100% CPU bug, but I don't think this is a true security issue. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.