Date: Tue, 4 Jul 2000 00:01:18 -0600 From: Colten Edwards <edwards@BITCHX.DIMENSION6.COM> Subject: remote crash BitchX 1.0c16 To: BUGTRAQ@SECURITYFOCUS.COM There's a small bug in the latest BitchX in which a nasty user can invite you to a channel with a %s in it, causing the client to coredump. As alot of channels/users on irc use the client, I felt I should post a notice about this problem. A small patch is available on www.bitchx.com/downloads.html as well as on ftp.bitchx.com/pub/BitchX/1.0c16.patch This is a classic case of printf(variable); where variable contains formatting chars. I doubt very much this would lead to a root exploit, anyone running any irc client as root, should be examined professionally. I wish to thank the person who discovered this and reported it to #bitchx on efnet, as well as the many emails I received on this subject. We had a patch available for this before it widely known.. Colten Edwards panasync@efnet