You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Details
While running my vllm code i checked and noticed a self calling interal ip request in netsat command i.e(netstat -ano) attached below . I forcefully made code to run in localhost only by not calling internal ip by running with this command
but it shows 192.* series that i dont want.Please try to fix this and provide me a solution and I want my host address 127.0.0.1 should show as my foreign IP instead of my system ip 192.168.100.17
PoC
while running program and then checking connection througfh netstat it shows localhost with some internal ip as well as 192.168..
Impact
Exposing intenral IP via command line. showing vulnerability by displaying internal ip
The text was updated successfully, but these errors were encountered:
pseudotensor
changed the title
A Internal IP exposing maybe a threat
vLLM: A Internal IP exposing maybe a threat
Mar 18, 2024
There's nothing in vLLM that we do special, i's just native vLLM. I'm not aware of any issue with vLLM. You can confirm by using the vLLM docker image instead and raise an issue with vLLM team if you think something is off. Or try a firewall and see what happens if you block those ports.
I'm not sure the ENVs you specify are valid for vLLM. Maybe review: #1186 i.e. use absolute path so it doesn't reach out for the model?
Details
While running my vllm code i checked and noticed a self calling interal ip request in netsat command i.e(netstat -ano) attached below . I forcefully made code to run in localhost only by not calling internal ip by running with this command
but it shows 192.* series that i dont want.Please try to fix this and provide me a solution and I want my host address 127.0.0.1 should show as my foreign IP instead of my system ip 192.168.100.17
PoC
while running program and then checking connection througfh netstat it shows localhost with some internal ip as well as 192.168..
Impact
Exposing intenral IP via command line. showing vulnerability by displaying internal ip
The text was updated successfully, but these errors were encountered: