[15659] in bugtraq
Re: BitchX exploit possibly waiting to happen, certain DoS
daemon@ATHENA.MIT.EDU (Daniel Jacobowitz)
Thu Jul 6 14:35:03 2000
Mail-Followup-To: Daniel Jacobowitz <drow@false.org>, BUGTRAQ@SECURITYFOCUS.COM
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="VbJkn9YxBvnuCH5J"
Content-Disposition: inline
Message-ID: <20000705132353.A18723@drow.them.org>
Date: Wed, 5 Jul 2000 13:23:53 -0700
Reply-To: Daniel Jacobowitz <drow@FALSE.ORG>
From: Daniel Jacobowitz <drow@FALSE.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000704001949.A14132@home.ds9a.nl>; from ahu@DS9A.NL on Tue,
Jul 04, 2000 at 12:19:50AM +0200
--VbJkn9YxBvnuCH5J
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Jul 04, 2000 at 12:19:50AM +0200, bert hubert wrote:
> With regards to the wu-ftpd exploits, it has come to my attention that
> BitchX (all recent versions), a very popular irc client amongst the sysad=
min
> community contains code similar to wu-ftpd 2.6:
>=20
> logmsg(LOG_INVITE, from, 0, invite_channel);
>=20
> Where the last argument is a printf() style format argument. A patch is
> floating around which changes this line to:
>=20
> logmsg(LOG_INVITE, from, 0, "%s", invite_channel);
>=20
> See also http://bitchx.vda.nl/
A patch has been available on ftp.bitchx.org for about two days now:
ftp://ftp.bitchx.org/pub/BitchX/source/1.0c16-format.patch
ftp://ftp.bitchx.org/pub/BitchX/source/75p3-format.patch
Fixed packages for Debian 2.2 are also available, and fixed packages
for Debian 2.1 are forthcoming.
Dan
/--------------------------------\ /--------------------------------\
| Daniel Jacobowitz |__| SCS Class of 2002 |
| Debian GNU/Linux Developer __ Carnegie Mellon University |
| dan@debian.org | | dmj+@andrew.cmu.edu |
\--------------------------------/ \--------------------------------/
--VbJkn9YxBvnuCH5J
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE5Y5lZbgOPXuCjg3cRAligAJwPw/LRPONOYiqjBkx/f7RHocCvxwCeI3PD
7MEo45774FPIPyP0wcGNPoQ=
=xR3u
-----END PGP SIGNATURE-----
--VbJkn9YxBvnuCH5J--
