Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: Re: Remote buffer overflow, remote DoS and format string bug in current IRCd's tkserv

Re: Remote buffer overflow, remote DoS and format string bug in current IRCd's tkserv

From: Piotr Kucharski <chopin_at_SGH.WAW.PL>
Date: Mon, 5 Mar 2001 22:35:28 +0100

On Mon, Mar 05, 2001 at 06:15:01PM +0100, Paul Starzetz wrote:
> There are 3 major bugs in the current IRCd distribution (as used on the
> IRCnet for example).

First of all I want to emphasize that this is NOT current IRCnet IRCD, that
is vulnerable. All files in contrib/ directory are not part of IRCD daemon,
they are related to it.

> a) remote exploitable buffer overflow while querying tklines
> b) memory leck due to strdup'ing a string and not freeing the mem

These are so easy to fix that including diff would be an offence to every
bugtraq reader. Of course next version of IRCnet ircd will include fixed
tkserv.

> c) format string bug while reading the ircd's config file

Btw, that one was fixed Aug, 2000 by Marc Roger. Unfortunately, we haven't
released yet since then ;)

> 3. Solution
> See discussion. Do not request opered access to your tkserv.
> Update as soon as possible.

And please, next time give authors some time to fix things before
blowing up fireworks.

p.

/ircnet ircd maint./
Received on Mar 05 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos