I agree, I remember when segfaults in bnc (an irc bouncing/proxy program) led to remote root compromises. Im also aware that alot of users who may use shells which have BitchX idle on efnet and other large irc servers, for days at a time. It'd be interesting to see a remote develop for BitchX....something new ;p -- mezzanine ----- Original Message ----- From: Erik Sperling Johansen <erikat_private> To: <vuln-devat_private> Sent: Saturday, December 29, 2001 5:23 AM Subject: Re: BitchX Segmentation Fault > *********** REPLY SEPARATOR *********** > > On 28.12.2001 at 12:16 Ugen wrote: > > >Seems to me this is becoming a list to discuss various crashes/faults > >in client applications. There are millions of these... > >Their exploitability is very low to none and *imo* such discussion really > > For most client applications that holds true, but for an IRC client often left unattended connected to some network, a remote access exploit wouldn't be too farfetched, and I'd say bugs in this particular client application, as well as any other client application where faults could quite easily lead to compromise of a box (e.g. browsers, email clients) fits this list? > > -- > Erik Sperling Johansen > Erik Sperling Johansen > http://www.darkfallonline.com > > >
This archive was generated by hypermail 2b30 : Sat Dec 29 2001 - 18:09:27 PST