Bugtraq mailing list archives
Re: ircd exploit in ircu based code (fwd)
From: blackye () UNDERNET ORG (Andrea Cocito)
Date: Fri, 16 Jul 1999 12:26:02 +0200
At 3:42 +0200 16-07-1999, Matt Hallacy wrote:
Nemesi, this is present in 2.10.06, lulea-r, ann-arbor, plano, Gothenburq, and toronto are for sure suseptible (they crashed, heh) and thus the reason for the latest patch to the repository, nullchan.patch. It was fixed and patches were submitted to undernet-admins () undernet org 3 or 4 days ago, and since the public posting of it the nullchan.patch was sent to coder-com () undernet org and the patch was added to the CVS.
It just didn't seem the same bug for how it was reported, now I looked at it better and understood that it is. The bug is the same that appears in a piece of code looking different on Undernet's current codebase, it has been patched with nullchan.patch at patchlevel 24 of the current source tree available via cvs on coder-com.undernet.org. Version u2.10.06.24 and following of our codebase are thus immune, anything derivated from previous versions isn't. Excuse me I had not the time to warn about it the otehr networks and to reply correctly at the report here, it was because I was busy having to patch on the fly our 45 servers while some kid was having fun disrupting the service, like this one: Core was generated by `ircd.9905101130.'. Program terminated with signal 11, Segmentation fault. Cannot access memory at address 0x20047080. #0 m_join (cptr=0x206800, sptr=0x206800, parc=2, parv=0x47310) at channel.c:2454 (gdb) p sptr->name $1 = "Pinetree", '\000' <repeats 55 times> (gdb) p sptr->ip $2 = {s_addr = 1025006872} (gdb) p sptr->sockhost $3 = "d185d183d.rochester.rr.com", '\000' <repeats 37 times> (gdb) p sptr->username $4 = "poptix\000\000\000\000" (gdb) Thanks Matt aka Pinetree!poptix () d185d183d rochester rr com Andrea aka Nemesi
Current thread:
- Re: ircd exploit in ircu based code (fwd) Andrea Cocito (Jul 14)
- linuxconf doesn't seem to deal correctly with /etc/pam.d/reboot Domingos Bruges (Jun 30)
- Re: linuxconf doesn't seem to deal correctly with /etc/pam.d/reboot Marcelo Roccasalva (Jul 21)
- Re: ircd exploit in ircu based code (fwd) Matt Hallacy (Jul 15)
- Re: ircd exploit in ircu based code (fwd) Andrea Cocito (Jul 16)
- Logic Error in Management Edition NetWare install script for Dr. Sololomon's Bayard G. Bell (Jul 16)
- AMaViS virus scanner for Linux - root exploit Chris McDonough (Jul 16)
- CERT Advisory CA-99.08 - cmsd Aleph One (Jul 16)
- Re: AMaViS virus scanner for Linux - root exploit Kurt Seifried (Jul 17)
- Re: AMaViS virus scanner for Linux - root exploit Ian Whalley (Jul 19)
- Swish-e Jean-Georges Estiot (Jul 17)
- Re: AMaViS virus scanner for Linux - root exploit Chris McDonough (Jul 18)
- Re: AMaViS virus scanner for Linux - root exploit Jim Hebert (Jul 19)
- tiger vulnerability Ellen L Mitchell (Jul 20)
- iplogger Ymas problem Salvatore Sanfilippo -antirez- (Jul 18)
(Thread continues...)
- linuxconf doesn't seem to deal correctly with /etc/pam.d/reboot Domingos Bruges (Jun 30)