[11032] in bugtraq
Re: ircd exploit in ircu based code (fwd)
daemon@ATHENA.MIT.EDU (Andrea Cocito)
Thu Jul 15 19:18:31 1999
Message-Id: <l03130300b3b2cc48870f@[212.216.231.68]>
Date: Thu, 15 Jul 1999 01:28:02 +0200
Reply-To: Andrea Cocito <blackye@UNDERNET.ORG>
From: Andrea Cocito <blackye@UNDERNET.ORG>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.SOL.4.10.9907141808530.13876-100000@moonflower.uark.edu>
>From: Kevin Day <toasty@DRAGONDATA.COM>
>To: BUGTRAQ@SECURITYFOCUS.COM
>Subject: ircd exploit in ircu based code
>
>Most irc networks using ircu based servers have a bug that can cause users
>to segfault the server.
>
>In m_join, the code doesn't check to see if get_channel returned failure (by
>returning NULL).

As of now I can't even find this bug in the oldest versions of our code;
for sure it isn't there in u2.10.06, and I still have to check on the previous
2.10.05 that is still packaged in some Linux/BSD distributions.

Would you please let me know in what version of the Undernet's code you
found it and, in case there is still a way to core the current servers,
report the way to exploit it to bugs@undernet.org?

We would appreciate it a lot if any bug that can cause a server coredump
is reported to bugs@undernet.org with a few days of advantage with respect
to the other public lists... so we can fix it on the fly (we happen to
have a living network with 38k users on it...).

Thanks a lot,
Andrea aka Nemesi,
Undernet's coder committee.
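
The class of defect the quoted report describes (a join handler using the result of a channel lookup without testing it for NULL) and the check that closes it, as an added example that is not part of this thread and is not ircu source. The names lookup_or_create, handle_join, the table size and the failure conditions are hypothetical and constructed for the illustration.

```c
#include <stddef.h>
#include <string.h>

#define MAX_CHANNELS 4   /* constructed limit, kept tiny for the demo */
#define CHANNELLEN   32  /* constructed maximum channel name length */

struct channel { char name[CHANNELLEN + 1]; int users; };

static struct channel table[MAX_CHANNELS];
static size_t nchannels;

/* Hypothetical lookup-or-create. Returns NULL on every failure path:
 * missing or malformed name, over-long name, or a full table. */
static struct channel *lookup_or_create(const char *name)
{
    size_t i, len;
    if (name == NULL || name[0] != '#')
        return NULL;
    len = strlen(name);
    if (len < 2 || len > CHANNELLEN)
        return NULL;
    for (i = 0; i < nchannels; i++)
        if (strcmp(table[i].name, name) == 0)
            return &table[i];
    if (nchannels == MAX_CHANNELS)
        return NULL;
    memcpy(table[nchannels].name, name, len + 1);
    table[nchannels].users = 0;
    return &table[nchannels++];
}

enum join_result { JOIN_OK = 0, JOIN_NO_SUCH_CHANNEL = -1 };

/* Hypothetical join handler. The failure return is tested before the
 * pointer is dereferenced, so a failed lookup becomes an error reply
 * to one client instead of a NULL dereference that stops the server. */
static enum join_result handle_join(const char *name)
{
    struct channel *chptr = lookup_or_create(name);
    if (chptr == NULL)
        return JOIN_NO_SUCH_CHANNEL;
    chptr->users++;
    return JOIN_OK;
}
```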