dufresneWINTERNET.COM

• Next message: Pete Philips: "Re: Win2k and /dev/zero"
• Previous message: 3APA3A: "(no subject)"
• In reply to: Thomas Dullien: "Re: BitchX /ignore bug"
• Next in thread: Keith Simonsen: "Re: BitchX /ignore bug"
• Next in thread: OutCasT: "Re: BitchX /ignore bug"
• Reply: Ron DuFresne: "Re: BitchX /ignore bug"
• Reply: Keith Simonsen: "Re: BitchX /ignore bug"
• Reply: Jeremy Gaddis: "Re: BitchX /ignore bug"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 5 Jul 2000, Thomas Dullien wrote:

> At 05:44 AM 7/5/2000 -0500, you wrote:
>
> >If I read this correctly, this is not an attack perse, but a self
> >annihilation is it not? and while a bug, not something one can use to
> >take others ofline or server, please correct me if I read this wrong.
>
> Erm...the user you invited will die. And yes, this can be remotely exploited
> to run arbitrary code I guess, too... (depends on whether you can get
> backslashes into channel names...)
>

seems at least efnet servers allow the required backslashes:

*** Users on #test/one: ^smoke

*** Users on #/test/one: ^smoke

Tis a nasty little mess fer sure,

Thanks,

Ron DuFresne

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D. Just don't touch anything.

• Next message: Pete Philips: "Re: Win2k and /dev/zero"
• Previous message: 3APA3A: "(no subject)"
• In reply to: Thomas Dullien: "Re: BitchX /ignore bug"
• Next in thread: Keith Simonsen: "Re: BitchX /ignore bug"
• Next in thread: OutCasT: "Re: BitchX /ignore bug"
• Reply: Ron DuFresne: "Re: BitchX /ignore bug"
• Reply: Keith Simonsen: "Re: BitchX /ignore bug"
• Reply: Jeremy Gaddis: "Re: BitchX /ignore bug"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]