Re: Bahamut IRCd <= 1.4.35 and several derived daemons

From: Barnaba Marcello (l.barnaba_at_openssl.it)
Date: 06/26/03

Next message: Pal Juvancz: "Symantec NAV 7.6 CE Major Fault"

Previous message: Joel Eriksson: "Bahamut IRCd <= 1.4.35 and several derived daemons"
In reply to: Joel Eriksson: "Bahamut IRCd <= 1.4.35 and several derived daemons"
Next in thread: Roman Bogorodskiy: "Re: Bahamut IRCd <= 1.4.35 and several derived daemons"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 26 Jun 2003 22:50:15 +0200
To: bugtraq@securityfocus.com

Joel Eriksson ..

> The following daemon had already fixed the bug:
>
> cs-ircd-0.1.1beta

It should be noted that the "bugfix" into the "cs-ircd" release was
actually inherited from the bahamut-inet6[1] codebase, from which the
cs-ircd team started its own daemon :).

This little snippet of code demonstrates what I say:

#ifdef USE_SYSLOG

if (level == DEBUG_ERROR)
syslog(LOG_ERR, "%s", debugbuf); /*AZZURRA format string exploit
patch.*/

#endif

The key word is "Azzurra".

Best regards.

[1] http://bahamut-inet6.sourceforge.net/

-- 
pub 1024D/F04476A2 :: 6807 EEA5 7F97 AC9A D8EF  AE73 64CD 71A2 F044 76A2
http://suxserv.sourceforge.net/vjt.asc
Free advertisement: http://www.freebsd.org/

Next message: Pal Juvancz: "Symantec NAV 7.6 CE Major Fault"

Previous message: Joel Eriksson: "Bahamut IRCd <= 1.4.35 and several derived daemons"
In reply to: Joel Eriksson: "Bahamut IRCd <= 1.4.35 and several derived daemons"
Next in thread: Roman Bogorodskiy: "Re: Bahamut IRCd <= 1.4.35 and several derived daemons"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]