Found this message in BUGTRAQ, not sure if it has been seen here yet... --------------------------------------------------------------------
Date: Fri, 1 Aug 1997 23:10:57 -0500 From: Matt <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Bugs in Debian Linux's ircd package There are a couple of bugs in the Undernet IRC Server package (ircd 2.9.32-3) which is included in Debian Linux 1.3.1 (and probably earlier versions as well)... First, /etc/ircd/ is set world readable... This directory contains the server configuration files and irc operator passwords. By default, the passwords are encrypted, but anyone with crack can easily bypass this protection in a few hours and /oper themselves! The fix: chmod 700 /etc/ircd/ Second, the package adds the following line to inetd.conf: ircd stream tcp wait root /usr/sbin/ircd ircd -i ircd is supposed to be run as 'irc', not 'root'..! I don't know if this is exploitable in any way, but the irc server does -not- require root priviledges. The fix: chown irc.irc /etc/ircd/ and change the line in inetd.conf to ircd stream tcp wait irc /usr/sbin/ircd ircd -i or (if you are running xinetd) service ircd { socket_type = stream user = irc wait = yes server = /usr/sbin/ircd server_args = -i } That's all for now.. -ir ([EMAIL PROTECTED]) Greets to #hackhelp on the Undernet! -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .