the ereet bug trackz0r hq has found a bug in the ConferenceRoom IRC server software. REwT Reports: CR has a serious bug which enables people to really annoy IRCops and users of the network. Not only that, but the IRCops don't have a clue of where it's coming from. the ereet bug trackz0r hq has known about this bug for quite a while, but has not released the nfo, thinking WebMaster would clean up. Well, they haven't. The ereet bug trackz0r hq has released a comemoritive WarForge Edition of the bug exploiter (FoQeR). Download it here: http://baste.magibox.net/~rewt/foq-wf.zip More nfo: The bug is a buffer overflow in the ConferenceRoom SNOTICE. It's a variation of the earlier "False Server SNOTICE." But this time, the IRCops have no idea where it's coming from. All you have to do is send alot of stuff along with your message (Message should be first, then all of the Alt+160s or whatever) when you do a "False Server SNOTICE" attack. Fix: I guess the WebMaster boiz will have to figer that out. for the tRa ereet bug trackz0r hq.. I'm Dr. REwT
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:47:33 PDT