OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: BitchX /ignore bug
From: Steve Mosher (goatPHOENIX.ISN.NET)
Date: Thu Jul 06 2000 - 20:44:21 CDT

        It's amazing how some code gets written. I'm glad that I was
"raised" in a security-conscious environment. I used to take it for
granted that coders always check for every possible weak point in their
code that they knew of, now I'm not so naive. How often does this happen? I
doubt it's laziness, or even ignorance -- some of these issues are pretty
obscure. Is it the teachers' fault, can anyone be blamed? More
importantly, is there anything (short of Java, or any change in language)
that can be done about it?
        Imagine how little we would know if this were
closed source. *Someone* would notice a segmentation violation sometime,
fire up a debugger, produce an exploit, and finally an advisory would be
written. We wouldn't really know a thing. Who knows how long these things
would go unpatched for?

On Thu, 06 Jul 2000, Keith Simonsen wrote:
> Hi,
>
> Those are front slashes, but backslashes work:
>
> Channel #\xff\xff\xff/bin/sh was created at Thu Jul 6 14:56:29 2000
>
> In the ircd_defs.h file included with efnet ircd source the max channel
> length is 200 bytes (#define CHANNELLEN 200)
>
> hmm I also noticed the ban length is 1024... thats a lot of room, and is
> passed to the client when joining a channel. I also tried setting bans
> with %s and other formatting characters, it works...
>
> Anyone want to check the BitchX code for how it parses bans when the
> client joins the channel? 

--
Shop smart, shop S-Mart!
	- Ash