Vulnerability Development mailing list archives
Re: BitchX /ignore bug
From: typo () SCENE AT (Firstname Lastname)
Date: Wed, 5 Jul 2000 03:56:09 +0200
On Wed, Jul 05, 2000 at 02:24:41AM +0200, Rick Jansen wrote:
Because of a simple /invite nickname #%s%s%s%s%s%s%s%s%s, BitchX will segfault and coredump. This is a small programming error,
no its not.. its a fatal, and exploitable bug. and the rest of bitchx's code doesn't look much better.. lets examine at the rest of parse.c, just looking for completly similiar issues with logmsg: parse.c:1033: warning: TESO: Insufficient Format arguments: logmsg(4/5). parse.c:1100: warning: TESO: Insufficient Format arguments: logmsg(4/5). parse.c:1033: logmsg(LOG_INVITE, from, 0, invite_channel); parse.c:1100: logmsg(LOG_KILL, from, 0, ArgList[1]?ArgList[1]:"(No Reason)"); (when fixing code, fix the whole.. if thats too much work, trash the code and start again.) and umh.. my bugtraq post from months ago was refused, and i never got an reply from the authors (bitchx mailinglist, that is): BitchX privileged port dcc protection is susceptable to overflowing the port argument (meaning: its ineffectual). -- so much entropy, so little time
Current thread:
- Re: default passwords...partII, (continued)
- Re: default passwords...partII CouNT (Jul 06)
- Re: default passwords...partII Max Vision (Jul 04)
- Formatting bugs (was BitchX /ignore bug) Kotz (Jul 04)
- Re: Maximum Linux Security (d/l) Renato Murilo Langona (Jul 04)
- BitchX /ignore bug Rick Jansen (Jul 04)
- Re: BitchX /ignore bug Blue Boar (Jul 04)
- Re: BitchX /ignore bug Ron DuFresne (Jul 05)
- Re: BitchX /ignore bug nohican () MARCELLA NIETS ORG (Jul 05)
- Re: BitchX /ignore bug Steve Mosher (Jul 05)
- Re: BitchX /ignore bug Ryan Yagatich (Jul 05)
- Re: BitchX /ignore bug Firstname Lastname (Jul 04)
- Re: Maximum Linux Security (d/l) rompa (Jul 10)
- Re: Default passwords er (Jul 04)
- Re: Default passwords Ex Machina (Jul 05)
- Re: Default passwords Rodrigo Barbosa (Jul 05)
- Re: Default passwords M J (Jul 05)
- (no subject) The Incubus (Jul 05)
- (no subject) Chris A. Mattingly (Jul 05)
- (no subject) 3APA3A (Jul 06)
- (no subject) Slawek (Jul 07)
- Re: apache and 404/404 status codes Shelagh Pepper (Jul 07)