Bugtraq mailing list archives
Re: BitchX exploit possibly waiting to happen, certain DoS
From: spikeman () MYSELF COM (Spikeman)
Date: Thu, 6 Jul 2000 17:08:28 -0500
EPIC4pre2.500 == safe Blackened 1.7.1 == safe ircII 4.4 :ircii 2.9: AT&T you will (ojnk!) == safe ircII 4.4J+ScrollZ v1.8i6/Public (27.1.2000)+Cdcc v1.8+OperMods v1.0 = safe OutCasT wrote:
A temporary solution is to switch to another client, like ircII, which is considered by many to be the more karmic client anyway.This hasn't been proven, nor has it been proven or announced that ircII or any other client wich derived from it is vunerable. As I said in the Vuln-dev list. BitchX originaly is a patched version of irc.. ircII maybe. If BitchX is vunerable. My guess is all other equevelants (like ircII-EPIC) could be in trouble to. As far as I can tell, nobody has looked into the other clients. At the moment I have no time. Any vulanteers? I am aware of patches. But not aware of auditing being performed on BitchX his/her brothers & sisters. My advice: Telnet Greetings, Sacha Ligthert outcast@root66
-- ___ /\ \ phase two of global domination in operation, hide all lions. /::\ \ /:/\:\ \ Comments or Questions email spikeman () myself com _\:\~\:\ \ /\ \:\ \:\__\ Spikeman spikeman () myself com \:\ \:\ \/__/ http://www.spikeman.net \:\ \:\__\ Find Me On EFNET /whois Spikeman \:\/:/ / \::/ / Friends are lights in winter; \/__/ The older the friend, the brighter the light.
Current thread:
- Re: BitchX exploit possibly waiting to happen, certain DoS OutCasT (Jul 05)
- Re: BitchX exploit possibly waiting to happen, certain DoS Spikeman (Jul 06)