Vulnerability Development mailing list archives
Re: BitchX /ignore bug
From: dufresne () WINTERNET COM (Ron DuFresne)
Date: Wed, 5 Jul 2000 05:44:05 -0500
If I read this correctly, this is not an attack perse, but a self annihilation is it not? and while a bug, not something one can use to take others ofline or server, please correct me if I read this wrong. Thanks, Ron DuFresne On Tue, 4 Jul 2000, Blue Boar wrote:
Rick Jansen wrote:I don't know whether this is the right place to put it, but i'm going to anyway :)Yup, and probably Bugtraq, too.Because of a simple /invite nickname #%s%s%s%s%s%s%s%s%s, BitchX will segfault and coredump. This is a small programming error, you can find a patch at this location: http://root66.org/karin/BitchX-bug-patch-3-juli-2000.tar.gz by Frank van Vliet, alias {}.The subject: line says /ignore, I assume this problem only occurs with /invite? (I don't use IRC much. /ignore wouldn't send anything to the ignored party, would it?) As a general question for vuln-dev: I've seen a number of these print string vulnerabilities pop up lately. I gather that the programmer writes their printf or equiv wrong, and these attacks are getting interpreted as formatting strings somehow. Can someone explain to me what goes on on a stack level? Are these exploitable (pushing code) instead of just crashing? BB
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything.
Current thread:
- default passwords...partII, (continued)
- default passwords...partII Roelof Temmingh (Jul 04)
- Re: default passwords...partII Daniel SALAGEAN (Jul 04)
- Re: default passwords...partII Joe Jenkins (Jul 05)
- Re: default passwords...partII Daniel SALAGEAN (Jul 05)
- Re: default passwords...partII CouNT (Jul 06)
- Re: default passwords...partII Max Vision (Jul 04)
- Formatting bugs (was BitchX /ignore bug) Kotz (Jul 04)
- Re: Maximum Linux Security (d/l) Renato Murilo Langona (Jul 04)
- BitchX /ignore bug Rick Jansen (Jul 04)
- Re: BitchX /ignore bug Blue Boar (Jul 04)
- Re: BitchX /ignore bug Ron DuFresne (Jul 05)
- Re: BitchX /ignore bug nohican () MARCELLA NIETS ORG (Jul 05)
- Re: BitchX /ignore bug Steve Mosher (Jul 05)
- Re: BitchX /ignore bug Ryan Yagatich (Jul 05)
- Re: BitchX /ignore bug Firstname Lastname (Jul 04)
- Re: Maximum Linux Security (d/l) rompa (Jul 10)
- Re: Default passwords er (Jul 04)
- Re: Default passwords Ex Machina (Jul 05)
- Re: Default passwords Rodrigo Barbosa (Jul 05)
- Re: Default passwords M J (Jul 05)
- (no subject) The Incubus (Jul 05)