[10132] in bugtraq
Re: Long-standing bug in AustNet IRC network Virtual World
daemon@ATHENA.MIT.EDU (Sean Kelly)
Wed Apr 7 19:40:15 1999
Date: Wed, 7 Apr 1999 17:26:05 -0500
Reply-To: Sean Kelly <smkelly@ZOMBIE.ORG>
From: Sean Kelly <smkelly@ZOMBIE.ORG>
X-To: Henrik Edlund <henrik@EDLUND.ORG>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.4.10.9904070011450.16504-100000@corellia.edlund.org>;
from Henrik Edlund on Wed, Apr 07, 1999 at 12:13:09AM +0200
--XsQoSWH+UP9D9v3l
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
On Wed, Apr 07, 1999 at 12:13:09AM +0200, Henrik Edlund wrote:
> The exact same exploit can be used against the cloaking system in use at
> SlashNET (irc.slashnet.org).
>=20
This problem has been known for a while and there are fixes for it.
Although we have not gone through our database yet and done it for the user=
s,
we have told all of the users that by issuing the command:
/MSG NickServ SET HIDE USERMASK ON
This fixes the bug where users can /MSG NickServ INFO <nickname> and get
"Last Seen hostmask:", and it also fixes the hsotname being shown in LIST
output.
This problem was brought to our attention a few weeks ago, and
I believe it was you who did. We made the solution clear to the users then
and will continue to do so.
> --
> Henrik Edlund
> http://www.edlund.org/
>=20
> "They were in the wrong place at the wrong time.
> Naturally they became heroes."
> Leia Organa of Alderaan, Senator
--=20
Sean Kelly <smkelly@zombie.org> or <smkelly@concentric.net>
PGP KeyID: 1024/77042C7B ICQ UIN: 27955995 AIM: CmdrLinux
IRC: drdink@SlashNET
Send e-mail to smkelly@zombie.org with subject "send pgp key" for public ke=
y.
--XsQoSWH+UP9D9v3l
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE3C9t72aukpHcELHsRASzEAJsGpxsVuLWU53dsq1R/hV511ODXngCeMEQR
edLFDqqLnBlGJ7EbzU0O2Ow=
=Dao5
-----END PGP SIGNATURE-----
--XsQoSWH+UP9D9v3l--
