Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BitchX exploit possibly waiting to happen, certain DoS

From: drow () FALSE ORG (Daniel Jacobowitz)
Date: Wed, 5 Jul 2000 13:23:53 -0700

On Tue, Jul 04, 2000 at 12:19:50AM +0200, bert hubert wrote:

With regards to the wu-ftpd exploits, it has come to my attention that
BitchX (all recent versions), a very popular irc client amongst the sysadmin
community contains code similar to wu-ftpd 2.6:

                logmsg(LOG_INVITE, from, 0, invite_channel);

Where the last argument is a printf() style format argument. A patch is
floating around which changes this line to:

                logmsg(LOG_INVITE, from, 0, "%s", invite_channel);

See also http://bitchx.vda.nl/


A patch has been available on ftp.bitchx.org for about two days now:

ftp://ftp.bitchx.org/pub/BitchX/source/1.0c16-format.patch
ftp://ftp.bitchx.org/pub/BitchX/source/75p3-format.patch

Fixed packages for Debian 2.2 are also available, and fixed packages
for Debian 2.1 are forthcoming.

Dan

/--------------------------------\  /--------------------------------\
|       Daniel Jacobowitz        |__|        SCS Class of 2002       |
|   Debian GNU/Linux Developer    __    Carnegie Mellon University   |
|         dan () debian org         |  |       dmj+ () andrew cmu edu      |
\--------------------------------/  \--------------------------------/

<HR NOSHADE>
<UL>
<LI>application/pgp-signature attachment: stored
</UL>
Previous By Date Next
Previous By Thread Next

Current thread: