Bugtraq mailing list archives
Re: BitchX exploit possibly waiting to happen, certain DoS
From: drow () FALSE ORG (Daniel Jacobowitz)
Date: Wed, 5 Jul 2000 13:23:53 -0700
On Tue, Jul 04, 2000 at 12:19:50AM +0200, bert hubert wrote:
> With regards to the wu-ftpd exploits, it has come to my attention that BitchX (all recent versions), a very popular irc client amongst the sysadmin community, contains code similar to wu-ftpd 2.6:
>
>     logmsg(LOG_INVITE, from, 0, invite_channel);
>
> Where the last argument is a printf() style format argument. A patch is floating around which changes this line to:
>
>     logmsg(LOG_INVITE, from, 0, "%s", invite_channel);
>
> See also http://bitchx.vda.nl/
A patch has been available on ftp.bitchx.org for about two days now:

ftp://ftp.bitchx.org/pub/BitchX/source/1.0c16-format.patch
ftp://ftp.bitchx.org/pub/BitchX/source/75p3-format.patch

Fixed packages for Debian 2.2 are also available, and fixed packages for Debian 2.1 are forthcoming.

Dan

Daniel Jacobowitz              SCS Class of 2002
Debian GNU/Linux Developer     Carnegie Mellon University
dan () debian org              dmj+ () andrew cmu edu
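As an added illustration that is not part of this thread or of the BitchX source, the constructed C program below stands in for the logmsg() call under discussion: a printf-style logging wrapper, the patched "%s" call site that treats the channel name as data, and a simple pre-check for '%' in an untrusted field. The logmsg() signature, the buffer and the sample channel name are assumptions for the demonstration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define LOG_INVITE 1

/* Constructed stand-in for a logmsg()-style function: the fourth
 * parameter is a printf format and the rest are its arguments. The
 * format attribute lets GCC/Clang (-Wformat-security) flag any call
 * that passes a non-literal format with no arguments, which is exactly
 * the pattern the 1.0c16/75p3 patches remove. */
static char log_buffer[256];

__attribute__((format(printf, 4, 5)))
static void logmsg(int level, const char *from, int flags, const char *fmt, ...)
{
    va_list ap;
    int n;
    (void)level; (void)flags;
    n = snprintf(log_buffer, sizeof log_buffer, "%s: ", from);
    if (n < 0 || (size_t)n >= sizeof log_buffer)
        return;
    va_start(ap, fmt);
    vsnprintf(log_buffer + n, sizeof log_buffer - (size_t)n, fmt, ap);
    va_end(ap);
}

/* Patched form from the report: the attacker-controlled channel name is
 * passed as an argument to a fixed "%s" format. Returns the log line.
 * The vulnerable form, logmsg(LOG_INVITE, from, 0, invite_channel), is
 * deliberately not called here: with '%' in the name it is undefined. */
const char *log_invite_fixed(const char *from, const char *invite_channel)
{
    logmsg(LOG_INVITE, from, 0, "%s", invite_channel);
    return log_buffer;
}

/* Defensive check a client or IDS rule can apply to an IRC field before
 * it reaches any format-taking function. */
int contains_format_directive(const char *s)
{
    return strchr(s, '%') != NULL;
}

int main(void)
{
    /* Constructed sample: a channel name that doubles as a format string. */
    const char *channel = "#chan%x%x%n";
    printf("%s\n", log_invite_fixed("nick!user@host", channel));
    printf("suspicious: %d\n", contains_format_directive(channel));
    return 0;
}
```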