IRC bug ?
Found this message in BUGTRAQ, not sure if it has been seen here yet...
--------------------------------------------------------------------
Date: Fri, 1 Aug 1997 23:10:57 -0500
From: Matt <ainvar@ENTERACT.COM>
To: BUGTRAQ@NETSPACE.ORG
Subject: Bugs in Debian Linux's ircd package
There are a couple of bugs in the Undernet IRC Server package (ircd 2.9.32-3)
which is included in Debian Linux 1.3.1 (and probably earlier versions as
well)...
First, /etc/ircd/ is set world readable... This directory contains the server
configuration files and irc operator passwords. By default, the passwords are
encrypted, but anyone with crack can easily bypass this protection in a few
hours and /oper themselves!
The fix:
chmod 700 /etc/ircd/
Second, the package adds the following line to inetd.conf:
ircd stream tcp wait root /usr/sbin/ircd ircd -i
ircd is supposed to be run as 'irc', not 'root'..! I don't know if this is
exploitable in any way, but the irc server does -not- require root priviledges.
The fix:
chown irc.irc /etc/ircd/
and
change the line in inetd.conf to
ircd stream tcp wait irc /usr/sbin/ircd ircd -i
or (if you are running xinetd)
service ircd
{
socket_type = stream
user = irc
wait = yes
server = /usr/sbin/ircd
server_args = -i
}
That's all for now..
-ir (ainvar@enteract.com)
Greets to #hackhelp on the Undernet!
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: