Bugtraq mailing list archives
ircd exploit in ircu based code
From: toasty () DRAGONDATA COM (Kevin Day)
Date: Tue, 13 Jul 1999 20:49:02 -0500
Most irc networks using ircu based servers have a bug that can cause users to segfault the server. In m_join, the code doesn't check to see if get_channel returned failure (by returning NULL). While the line numbers will probably be off, this patch will work in most ircu based servers. --- ircd/channel.c Tue Jul 13 19:58:46 1999 +++ ircd/channel.c Tue Jul 13 20:05:31 1999 @@ -2004,6 +2004,12 @@ chptr = get_channel (sptr, name, !CREATE); /* need the TS -Kev */ + if (!chptr) { + sendto_one (sptr, err_str (ERR_NOSUCHCHANNEL), + me.name, parv[0], name); + return(0); + } + sendto_serv_butone (cptr, ":%s MODE %s +%s%s %lu", me.name, name, sendmode ? "o " : "", sendmode ? parv[0] : "", chptr->creationtime); /* send the MODE to the Kevin Day DragonData ToastyMan on irc.dragondata.com (on NewNet)
Current thread:
- aix 4.2 4.3.1, adb GZ Apple (Jul 12)
- Re: aix 4.2 4.3.1, adb Mike Austin (Jul 13)
- Root Perms Gained with Patrol SNMP Agent 3.2 (all others?) Andrew Alness (Jul 13)
- Announcing First Annual ToorCon Ben (Jul 13)
- ircd exploit in ircu based code Kevin Day (Jul 13)
- Re: ircd exploit in ircu based code Kev (Jul 15)
- About IGMP and another exploit for Windows95x/98x Hector Leon (Jul 13)
- credit (was Re: About IGMP and another exploit for Windows95x/98x) Max Vision (Jul 14)
- Re: aix 4.2 4.3.1, adb Troy A. Bollinger (Jul 13)
- DoS attack on AT&T Wireless text-messaging service Peter Gamache (Jul 14)
- BO2K Aleph One (Jul 15)
- <Possible follow-ups>
- Re: aix 4.2 4.3.1, adb Peter.Fredriksson () Skriptor com (Jul 13)
- Re: aix 4.2 4.3.1, adb Troy A. Bollinger (Jul 15)