Re: DCC HiJacking patch for BitchX 75p1

From: David Jay Meltzer (davem+@ANDREW.CMU.EDU)
Date: Tue Dec 22 1998 - 13:58:12 PST

Next message: HD Moore: "Nlog v1.0 Released - Nmap 2.x log management / analyzing tool"

Previous message: Wietse Venema: "Re: Postfix design directions"
Next in thread: Ambrose Feinstein: "Re: DCC HiJacking patch for BitchX 75p1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Hi all,
>    as recently discovered, with a simple port scan you can hijack some
> of the BitchX dcc connections. This due to the port assigning on the
> requesting client.

Recently?  These issues were published as "IRC DCC Protocol Security Holes"
from FEH Staff in "FEH Issue #4" released 12/26/95.

-Dave

-------------------------------------
          David J. Meltzer
           davem+@cmu.edu
     Carnegie Mellon University
-------------------------------------

Next message: HD Moore: "Nlog v1.0 Released - Nmap 2.x log management / analyzing tool"
Previous message: Wietse Venema: "Re: Postfix design directions"
Next in thread: Ambrose Feinstein: "Re: DCC HiJacking patch for BitchX 75p1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:26:10 PDT