Donato Ferrante


Application:  Crackalaka
              http://www.stalphonsos.com/~attila/crackalaka

Version:      1.0.8

Bug:          Denial Of Service

Date:         09-Apr-2004

Author:       Donato Ferrante
              e-mail: fdonato@autistici.org
              web:    www.autistici.org/fdonato


xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

1. Description
2. The bug
3. The code
4. The fix



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

----------------
1. Description:
----------------

Vendor's description:

"Crackalaka is a small, standalone IRC server. 
It does not implement the inter-server portions of the IRC protocol,
and is meant for use by a small workgroup, preferably behind a
firewall."




xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
2. The bug:
------------

The program is unable to manage a lot of not regular strings, in fact
it crashes.

The problem is in the function: hash_strcmp() of hash.c, in which
the program try to manage an unallocated sector of memory.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-------------
3. The code:
-------------

To test the vulnerability try to send to the irc server some big and
unregular strings or more simply you can use:

nc [host] 6667 < /dev/urandom



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
4. The fix:
------------

Vendor was contacted.
Bug will be probably fixed in the next version.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx