hybrid-ircd

2000-11-27T00:00:00
ID SECURITYVULNS:DOC:980
Type securityvulns
Reporter Securityvulns
Modified 2000-11-27T00:00:00

Description

format string problems in hybrid-ircd. some fixed need valid domain, and in-addr.arpa. bind8, configure check-names warn; make host %n%n%n%n.host.com in a 1.2.3.4 4.3.2.1.in-addr.arpa in ptr %n%n%n%n.host.com connect to comstud (CS) server because allows % connect 2nd client to hybrid server, join channel. join comstud client to channel, hybrid server crashes. use comstud client to place ban on channel, hybrid server crashes. cause nick collision with hybrid and comstud client, hybrid crashes. send a notice from comstud client to hybrid client, hybrid crashes

-ntn


This message was sent with Sendpad.com. The sender indicated his or her e-mail address as "ircd@efnet.net" Send anonymous e-mail right now at http://www.sendpad.com