Bug in Services for IRC Networks 4.2.2 allows any IRC user to launch a simple Denial of Service attack. Exploit description and software upgrade information included.
66deac9e1d35cfab66c8966457650fa973c27a57152b832250ca43f876539558Date: Thu, 22 Apr 1999 22:53:42 EDT
From: Andy Church <achurch@DRAGONFIRE.NET>
To: BUGTRAQ@netspace.org
Subject: Bug in Services for IRC Networks 4.2.2
A bug has been found in versions through 4.2.2 of Services for IRC
Networks which allows any IRC user to crash the program. The channel
service's SET SUCCESSOR command does not properly handle the case of no
parameters, and generates a segmentation fault attempting to access
address zero. This bug is believed to be present in all versions since
the SET SUCCESSOR command was introduced (in version 4.1.0).
A new version, 4.2.3, has been released which fixes this bug. Users
of prior versions of Services should upgrade immediately.
Services updates are always announced on the Services mailing list;
see http://achurch.dragonfire.net/services/about.html for information on
subscribing to the list.
--Andy Church
achurch@dragonfire.net
http://achurch.dragonfire.net/
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed