irc.services.DoS.txt

1999-08-17T00:00:00
ID PACKETSTORM:12025
Type packetstorm
Reporter Packet Storm
Modified 1999-08-17T00:00:00

Description

                                        
                                            `Date: Thu, 22 Apr 1999 22:53:42 EDT  
From: Andy Church <achurch@DRAGONFIRE.NET>  
To: BUGTRAQ@netspace.org  
Subject: Bug in Services for IRC Networks 4.2.2  
  
A bug has been found in versions through 4.2.2 of Services for IRC  
Networks which allows any IRC user to crash the program. The channel  
service's SET SUCCESSOR command does not properly handle the case of no  
parameters, and generates a segmentation fault attempting to access  
address zero. This bug is believed to be present in all versions since  
the SET SUCCESSOR command was introduced (in version 4.1.0).  
  
A new version, 4.2.3, has been released which fixes this bug. Users  
of prior versions of Services should upgrade immediately.  
  
Services updates are always announced on the Services mailing list;  
see http://achurch.dragonfire.net/services/about.html for information on  
subscribing to the list.  
  
--Andy Church  
achurch@dragonfire.net  
http://achurch.dragonfire.net/  
  
`