Re: More Detailed Info on the BitchX Format Bugs

[RoboHak () PROTOVISION ORG (RoboHak)]

On Fri, Jul 07, 2000 at 03:22:20PM -0700, Ryan Russell wrote:
> On Fri, 7 Jul 2000, RoboHak wrote:
>
> > After some code auditing I found some other format bugs that only
> > effected local commands.  I had other things I had to do, and since
> > the bugs were only locally exploitable, I waited a few hours until
> > panasync (Colten Edwards) showed up on irc.  The local bugs were not
> > as simple to fix, so we discused the best way to go about fixing them.
> > Once we had all the bugs we could find fixed, panasync commited them
> > to our CVS repository.
>
> How about the /ban string passing, as reported in the vuln-dev list?
>
>                                               Ryan

I have not been able to reproduce that in any recent version of BitchX.  Old versions (prior to 73 if I recall 
correctly) had a format bug in the ban parsing code, but that was fixed long ago.  If anyone has specific information 
on where the problem is or how to reproduce it, let me know.

--
RoboHak             RoboHak () protovision org | RoboHak () mediaone net

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GAT d-(--) s++:-- a-- C+++(++++) UL++++ UB++++ P+@ L+++(++++) E-
W+++(--)$ N+@ o? K w--- O-- M-- V-- PS+ PE Y++@ PGP++@ t+ 5(+) X+@
R tv+@ b++@ DI+++ D++@ G e h! r-- y--
------END GEEK CODE BLOCK------