Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BitchX exploit possibly waiting to happen, certain DoS

From: outcast () CUBA XS4ALL NL (OutCasT)
Date: Thu, 6 Jul 2000 00:13:00 +0200


A temporary solution is to switch to another client, like ircII, which is
considered by many to be the more karmic client anyway.

This hasn't been proven, nor has it been proven or announced that ircII
or any other client wich derived from it is vunerable.

As I said in the Vuln-dev list. BitchX originaly is a patched version of
irc.. ircII maybe. If BitchX is vunerable. My guess is all other
equevelants (like ircII-EPIC) could be in trouble to.

As far as I can tell, nobody has looked into the other clients.
At the moment I have no time. Any vulanteers?
I am aware of patches. But not aware of auditing being performed on BitchX
his/her brothers & sisters.

My advice: Telnet

Greetings,
        Sacha Ligthert

outcast@root66
Previous By Date Next
Previous By Thread Next

Current thread: