[9916] in bugtraq
Re: Bug in IRC services
daemon@ATHENA.MIT.EDU (David Schwartz)
Fri Mar 12 22:36:20 1999
Date: Fri, 12 Mar 1999 17:49:05 -0800
Reply-To: David Schwartz <davids@WEBMASTER.COM>
From: David Schwartz <davids@WEBMASTER.COM>
X-To: fractalg@lidernet.pt
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <yam7740.1049.136947040@mail.telepac.pt>
> I think Dalnet and other networks use the same services so if
> they could be
> exploitable too.
No.
DALnet's services uses a 'services identifier', which is a unique
identifier assigned to each client when they connect to the IRC network.
Unless DALnet's services can confirm your services identifier, you will not
get any identify-based privileges.
I'd go into more detail as to exactly how this works, but DALnet's services
is proprietary to the DALnet IRC Network, and I'm not allowed to discuss its
security features publically. But suffice it to say that on DALnet, this
should be impossible by explicit design.
I find it hard to believe that any IRC network would fail as you described.
People change nicknames all the time on an IRC network, and it would be
literally moronic to use the nickname in an access check. (No offense
intended to the specific network you mentioned.)
David Schwartz (JoelKatz)
Coding Director
DALnet
<JoelKatz@dal.net>
