|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: BitchX /ignore bug
From: Ron DuFresne (dufresne
WINTERNET.COM)Date: Fri Jul 07 2000 - 09:34:35 CDT
- Next message: Slawek: "Re: BitchX /ignore bug"
- Previous message: Steve Mosher: "Re: BitchX /ignore bug"
- In reply to: Bluefish: "Re: BitchX /ignore bug"
- Next in thread: Juan M. Courcoul: "Re: BitchX /ignore bug"
- Next in thread: Matthew S. Hallacy: "Re: BitchX /ignore bug"
- Reply: Ron DuFresne: "Re: BitchX /ignore bug"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
testing this on efent, and it's not possible at this time to test the
original length channel: #%s%s%s%s%s%s%s%s%s, as it is closed down, but,
testing by adding a few more and less %s's as well as with %n's in channel
names with IRCII 2.8.2-EPIC2.002 shows no vulnerability to this attack.
Perhaps someone can clue me, is the length of the channel string fixed in
this assualt, or can it vary somewhat in length? I'll try to do some
further testing on a private server I know of that I can work on better
later this weekend.
Thanks,
Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
- Next message: Slawek: "Re: BitchX /ignore bug"
- Previous message: Steve Mosher: "Re: BitchX /ignore bug"
- In reply to: Bluefish: "Re: BitchX /ignore bug"
- Next in thread: Juan M. Courcoul: "Re: BitchX /ignore bug"
- Next in thread: Matthew S. Hallacy: "Re: BitchX /ignore bug"
- Reply: Ron DuFresne: "Re: BitchX /ignore bug"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]