Re: [Bugs] Fw: IRC: Exploit for a Bug in ircd2.10.x (qident)

[blackye () UNDERNET ORG (Andrea Cocito)]

Hi there,

At 1:55 +0200 10-08-1999, Simon Coggins wrote:
> I'm sure your all on the list but just incase.

> ----- Original Message -----
> From: <psychoid () GMX NET>

> > qident does not check sucessfully for spaces and characters
> > as like *, ! and @.
> >
> > When using an ident as like "@o ! ! !", o would be treated as
> > host, the parameters which are left, would be enhanced by the number of
> > spaces provided by the ident.

thanks for the report, no I am not on bugtraq, I rely on
people in there contacting us to forward what's relevant ;)

As reported I don't think this problem exists on undernet's
codebase, since version .02 or such the reply of ident is
strongly checked and allows a very restricted set of chars,
dropping off (either by replacing them with _ or by forcing
them to terminate the userid) basically any non plain ascii
char and any char that has a special meaning to the irc
protocol.

Should something have slipped out of the checks.. jst report
it to me and will be fixed on the fly, as of now I think that
Undernet's ircu is safe from this kind of exploit.

Regards,

Andrea aka Nemesi
Undernet's coders committee.

[P.S.: Why there are on bugtraq 50 persons unable to tell their
 "vacation" message to not be sent to the posters of the mailing
 lists ? Lameness....]