[18038] in bugtraq
Re: Killing ircds via DNS
daemon@ATHENA.MIT.EDU (Darren Reed)
Tue Dec 12 18:53:28 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <200012120155.MAA11168@caligula.anu.edu.au>
Date: Tue, 12 Dec 2000 12:55:48 +1100
Reply-To: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
From: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
X-To: david_luyer@PACIFIC.NET.AU
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <200012110123.eBB1NuD26787@typhaon.pacific.net.au> from "David
Luyer" at Dec 11, 2000 12:23:56 PM
In some mail from David Luyer, sie said:
>
> > On Wed, Dec 06, 2000 at 08:02:59PM +1100, David Luyer wrote:
> > > It appears some people have discovered a bug in various IRCd's res.c.
> >
> > IRCnet ircd had this bug fixed on 19 Jun 1997, release 2.9.3 was
> > clean. As far as we can see, other irc daemons like hybrid, ircu,
> > bahamut are not affected. The only one we could trace to have it
> > was old dalnet dreamforge, so it could be all based on it are
> > vulnerable.
>
> Well, it was also in austhex, which was where I saw it. There are many irc
> daemons out there, and I wouldn't be surprised if a number were based on
> old dalnet code.
It's the code which dalnet is based on that's at fault (I wrote it some oh...
many many years ago now :) ... austhex/bitchx/bahamut are all GPL'd too ?
Anyway, I'm sure it seemed like a good idea at the time to do it that way :)
Thinking back, I think the idea was to not bail if a short answer was given.
More than likely I was trying to be too nice.
Looks like that "it's open source, everyone reads the code and audits it"
theory is really holding place there. Only took around 5 years for that
bug to be fixed in the IRCnet ircd. Wonder what other subtle bugs are in
other software packages, waiting to be niggled, causing the system to die
...
Darren
