Format string vulnerability in Anope bs_seen

joepie91 Member, Patron Provider
edited June 2012 in General

Might be useful to know for those running Anope on their server(s): a format string vulnerability has been found in the bs_seen module that can be triggered by trying to locate an unknown user. The patch is as follows (diff format):

@
snprintf(buf, sizeof(buf), moduleGetLangString(u, LANG_SEEN_BOT), u->nick);
} else if (!(na = findnick(target)) || (na->status & NS_VERBOTEN)) {
/* The user is looking for a forbidden or non-existing nick */
- snprintf(buf, sizeof(buf), moduleGetLangString(u, LANG_SEEN_UNKNOWN), target);
+ snprintf(buf, sizeof(buf), moduleGetLangString(u, LANG_SEEN_UNKNOWN), "that");
} else if ((u2 = nc_on_chan(ci->c, na->nc))) {
/* The user is looking for someone currently on the channel. This 
* is either theirselves or someone on the channel. In the last case,
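
Review bot: On the LANG_SEEN_UNKNOWN line, swapping target for the literal "that" treats the symptom rather than the cause. In the snprintf call shown, the language string is the format and target is only an argument, so this call does not itself interpret the nick; the exposure presumably comes from how buf is used afterwards, which these lines do not show. I would fix that later use so buf is passed as data (for example as the argument to a "%s" format) and keep target in the reply, since the user otherwise loses the nick they asked about. If buf is reused as a format later, the unchanged LANG_SEEN_BOT line above still depends on u->nick never containing a '%'.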

To patch, apply the diff to bs_seen.c, and recompile your Anope modules.

Originally posted at http://modules.anope.org/index.php?page=view&id=25

Thanked by 1MrDOS
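
The diff shows only the first formatting pass, so here is an added example (not Anope's code and not part of the original post) of the two-pass pattern, with a check for directives left in the reply buffer and a delivery call that passes the buffer as data. It assumes the buffer is later handed to a printf-style send call; `send_notice`, `count_directives`, `build_reply`, `deliver_reply` and the sample strings are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style "send notice" call; writes into out, not a socket. */
static int send_notice(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int r = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return r;
}

/* Number of conversion specifications a printf-style sink would act on if
 * s were passed to it as the format string. */
static int count_directives(const char *s)
{
    int count = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') s++;   /* "%%" is a literal percent sign */
        else count++;
    }
    return count;
}

/* Stage 1, as in the hunk: language string is the format, the nick an argument. */
static int build_reply(char *buf, size_t n, const char *lang, const char *target)
{
    return snprintf(buf, n, lang, target);
}

/* Stage 2, hardened: buf is passed as data, never as the format. */
static int deliver_reply(char *out, size_t n, const char *buf)
{
    return send_notice(out, n, "%s", buf);
}

int main(void)
{
    char buf[256], out[256];
    /* Constructed language string and nick, not taken from Anope. */
    build_reply(buf, sizeof buf, "I don't know who %s is.", "a%x%n");
    printf("%d directives in buf\n", count_directives(buf));
    deliver_reply(out, sizeof out, buf);
    puts(out);
}
```

A non-zero count after stage 1 means buf must never reach a format parameter; with the "%s" delivery the requested nick can stay in the reply unchanged.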