[9925] in bugtraq


Re: Bug in IRC services

daemon@ATHENA.MIT.EDU (Pedro Ribeiro)
Tue Mar 16 13:43:13 1999

Date: 	Sun, 14 Mar 1999 00:47:12 +0000
Reply-To: Pedro Ribeiro <pribeiro@ISEL.PT>
From: Pedro Ribeiro <pribeiro@ISEL.PT>
X-To:         Taral <taral@CYBERJUNKIE.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <99031219362500.19425@taral.dobiecenter.com>

The bug in our network wasn't in the services code; it was an ircd bug
that was fixed as soon as we had the report of the problem.

The abuse done was small, some getpass commands and forbids, all
recovered by us after the incident from the data in the services
command log.

If anyone wants the details to avoid the same problem, I'll gladly answer.

Pedro Ribeiro / PTnet PAntMaR


On Fri, 12 Mar 1999, Taral wrote:

> On Fri, 12 Mar 1999, fractalg wrote:
> >Hello,
> >I've just found a big hole in services provided by IRC networks. The
> >services in question are Chanserv, Nickserv, Memoserv.
> >I've found them at Portuguese IRC Network aka PTNET but I think these can be
> >applied to other IRC networks that are based around DALNET code since PTNET
> >is a modified version of Dalnet code. If this doesn't work in other IRC
> >networks at least can be a good example of very bad programming in areas
> >related to security and networking.
>
> Not true. DALnet never released their services code. These are all CLONES.
>
> >So it came the new version of the servers this time with a nice feature!
> >You didn't need to identify the nick when the servers rejoined from the
> >split! The first time I saw this I thought about how would the services
> >recognize me as the true nick before the split... I never had the chance to
> >test this theory until some days ago.
>
> Well, DALnet uses IDs and the like, and is most probably not susceptible to
> this. I really wish people would do more research before putting out junk like
> this. I doubt that this person even informed PTNET that their services had a
> bug.
>
> Taral
>
