Bugtraq mailing list archives
Re: ircd exploit in ircu based code (fwd)
From: poptix () INGS COM (Matt Hallacy)
Date: Thu, 15 Jul 1999 20:42:49 -0500
Nemesi, this is present in 2.10.06, lulea-r, ann-arbor, plano, Gothenburq, and toronto are for sure suseptible (they crashed, heh) and thus the reason for the latest patch to the repository, nullchan.patch. It was fixed and patches were submitted to undernet-admins () undernet org 3 or 4 days ago, and since the public posting of it the nullchan.patch was sent to coder-com () undernet org and the patch was added to the CVS. Other networks suseptible: BeyondIRC (fixed already) Oz.Org (Ex section of Undernet in Austraila) AfterNET AsianNET and any other irc network based on 2.9.30 or so (including 2.10.x) On Thu, 15 Jul 1999, Andrea Cocito wrote:
As of now I can't even find this bug in the oldest versions of our code, for sure isn't there in u2.10.06, I still have to check on the previous 2.10.05 that is still packaged in some Linux/BSD distributions. Would you please let me know in what version of the Undernet's code you found it and, in case there is still a way to core the current servers report the way to exploit it on bugs () undernet org ? We would appreciate a lot if any bug that can cause a server coredump is reported on bugs () undernet org with a few days of advantage respect to the other public lists... so we can fix it on te fly (we happen to have a living network with 38k users on it...). Thanks a lot, Andrea aka Nemesi, Undernet's coder committee.
Current thread:
- Re: ircd exploit in ircu based code (fwd) Andrea Cocito (Jul 14)
- linuxconf doesn't seem to deal correctly with /etc/pam.d/reboot Domingos Bruges (Jun 30)
- Re: linuxconf doesn't seem to deal correctly with /etc/pam.d/reboot Marcelo Roccasalva (Jul 21)
- Re: ircd exploit in ircu based code (fwd) Matt Hallacy (Jul 15)
- Re: ircd exploit in ircu based code (fwd) Andrea Cocito (Jul 16)
- Logic Error in Management Edition NetWare install script for Dr. Sololomon's Bayard G. Bell (Jul 16)
- AMaViS virus scanner for Linux - root exploit Chris McDonough (Jul 16)
- CERT Advisory CA-99.08 - cmsd Aleph One (Jul 16)
- Re: AMaViS virus scanner for Linux - root exploit Kurt Seifried (Jul 17)
- Re: AMaViS virus scanner for Linux - root exploit Ian Whalley (Jul 19)
- Swish-e Jean-Georges Estiot (Jul 17)
- Re: AMaViS virus scanner for Linux - root exploit Chris McDonough (Jul 18)
- Re: AMaViS virus scanner for Linux - root exploit Jim Hebert (Jul 19)
- tiger vulnerability Ellen L Mitchell (Jul 20)
(Thread continues...)
- linuxconf doesn't seem to deal correctly with /etc/pam.d/reboot Domingos Bruges (Jun 30)