[8817] in bugtraq
Re: DCC HiJacking patch for BitchX 75p1
daemon@ATHENA.MIT.EDU (David Jay Meltzer)
Thu Dec 24 19:47:42 1998
Date: Tue, 22 Dec 1998 16:58:12 -0500
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: David Jay Meltzer <davem+@ANDREW.CMU.EDU>
X-To: nailtbt@tin.it
To: BUGTRAQ@NETSPACE.ORG
> Hi all,
> as recently discovered, with a simple port scan you can hijack some
> of the BitchX dcc connections. This due to the port assigning on the
> requesting client.
Recently? These issues were published as "IRC DCC Protocol Security Holes"
from FEH Staff in "FEH Issue #4" released 12/26/95.
-Dave
-------------------------------------
David J. Meltzer
davem+@cmu.edu
Carnegie Mellon University
-------------------------------------
