[15699] in bugtraq
Re: More Detailed Info on the BitchX Format Bugs
daemon@ATHENA.MIT.EDU (Ryan Russell)
Mon Jul 10 02:56:49 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.GSO.4.21.0007071517280.16366-100000@mail>
Date: Fri, 7 Jul 2000 15:22:20 -0700
Reply-To: Ryan Russell <ryan@SECURITYFOCUS.COM>
From: Ryan Russell <ryan@SECURITYFOCUS.COM>
X-To: RoboHak <RoboHak@PROTOVISION.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000707040629.A151@protovision.org>
On Fri, 7 Jul 2000, RoboHak wrote:
> After some code auditing I found some other format bugs that only
> effected local commands. I had other things I had to do, and since
> the bugs were only locally exploitable, I waited a few hours until
> panasync (Colten Edwards) showed up on irc. The local bugs were not
> as simple to fix, so we discused the best way to go about fixing them.
> Once we had all the bugs we could find fixed, panasync commited them
> to our CVS repository.
How about the /ban string passing, as reported in the vuln-dev list?
Ryan
