Bugtraq mailing list archives

Re: DCC HiJacking patch for BitchX 75p1

From: davem+ () ANDREW CMU EDU (David Jay Meltzer)
Date: Tue, 22 Dec 1998 16:58:12 -0500

Hi all,
   as recently discovered, with a simple port scan you can hijack some
of the BitchX dcc connections. This due to the port assigning on the
requesting client.


Recently?  These issues were published as "IRC DCC Protocol Security Holes"
from FEH Staff in "FEH Issue #4" released 12/26/95.

-Dave

-------------------------------------
          David J. Meltzer
           davem+ () cmu edu
     Carnegie Mellon University
-------------------------------------

Current thread:

Re: DCC HiJacking patch for BitchX 75p1 David Jay Meltzer (Dec 22)
- <Possible follow-ups>
- Re: DCC HiJacking patch for BitchX 75p1 Ambrose Feinstein (Dec 22)