Slashdot Mirror

← Back to Stories (view on slashdot.org)

EFnet Paralyzed By Vulnerability

Posted by Unknown on from the blame-c dept.

An anonymous reader writes "EFnet member Fionn 'Fudge' Kelleher reported several vulnerabilities in the IRC daemons charybdis, ircd-ratbox, and other derivative IRCds. The vulnerability was subsequently used to bring down large portions of the EFnet IRC network." By crafting a particular message, you can cause the IRC daemon to call strlen(NULL) and game over, core dumped.

5 of 156 comments (clear)

  1. Sigh... by MightyMartian · · Score: 5, Funny

    1998 called and want their attack vector back.

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
    1. Re:Sigh... by skovnymfe · · Score: 4, Funny

      It's retro cracking. Old is the new new, y'know?

  2. Re:EFnet is already paralyzed by jones_supa · · Score: 4, Interesting

    I wonder if the whole ancient IRC standard needs a steamrolling anyway. A lot of the new services are implemented by ugly hacks, bubblegum or bots. Things like registering a nickname, maintaining the administrators of a channel or handling netsplits, these could all be handled much more nicely. IRC needs a redesign from scratch...

  3. Great! by lemur3 · · Score: 4, Funny

    Now I can finally get that nickname I have been wanting since 1999 !!

  4. Re:EFnet is already paralyzed by Vermyndax · · Score: 5, Funny

    While you're at it, please redesign SMTP.