IRC-Junkie.org – IRC News

All about Internet Relay Chat

Efnet faces major attack on New Year’s Eve [Update 2]

IRC servers running code based on the old Ratbox 2.0 code base are vulnerable to a bug in the code that handles user authentication. It was found and published at 7 pm GMT by IRC member Fudge while he was experimenting with the TS6 protocol. Charybdis developer nenolod was informed about the issue in the development channel #charybdis. Shortly after that, he and other members agreed that the bug was “pretty serious”.

A working example of how an IRC server could be brought down via this bug was published in the channel. Some person, or group of people, began to misuse the information they presumably got from the channel in order to bring down Efnet. By 10:45 pm GMT, many servers had been patched and restarted, but ten servers were still missing, including services.int [Update: services.int is down due to unrelated maintenance according to EFnet], according to the automatically updated network map on http://map.efnet.net/. To bring a server down, the attacker does not need any special privileges; all they would need to do is send one line of fewer than 15 characters.

A new version of Charybdis was released around 22:00 later that same evening. Patch files for both Ratbox and Charybdis have been sent to many IRC administrators so that they can secure their servers against this exploit as soon as possible.

Some of the affected channels include #irchelp, which now has a new creation date:
-!- Channel #irchelp created Mon Dec 31 22:32:01 2012

It is likely that the operators of #chanfix will see a dramatically increased workload during the next couple of hours. They have prepared well by setting the channel topic:
Yes we know EFnet just took a mickey. Plz state the channel with the problem and wait…

There are rumours claiming that Hybrid is also affected, but they have not been confirmed [Update 2: According to the IRCd-Hybrid team, it is not affected by the vulnerability]. As the number of IRC servers forked from Ratbox, and therefore carrying the exploitable code, is relatively high, it is highly likely that servers on many networks will go up and down for the next few days.

Freenode was one of the first networks to patch itself, only minutes after the seriousness of the issue had been established. Thanks to staff member tomaw, all relevant servers could be secured before any harm was done.

IRC servers which have been confirmed by their developers as patched against this vulnerability are:

  • ShadowIRCd 6.3.3
  • Charybdis 3.4.2
  • Ratbox 3.0.8

Article to be updated when more information is available…


Link to the original advisory: http://www.ratbox.org/ASA-2012-12-31.txt

ratbox-services updated to v1.2.4

ratbox-services, the services package for ircd-ratbox, has released version 1.2.4 in its stable tree.


Version 1.2.4 is mainly a bugfix release; the one feature addition in this version is that you can now specify both the UID/GID and the path it chroots to on startup with a parameter.

Other than that, some inconsistencies with ChanServ enforcing topics have been rectified, and it now “enforces topics whenever it is in the channel”. The handling of read errors received from servers has been fixed, as have the configure options for MySQL and PostgreSQL support, which now take a path to a binary that provides the compiler with the information it needs to build the respective support in.

The complete changelog for ratbox-services 1.2.4 can be found here and the download can be obtained from here.


ratbox-services release version 1.2.3

ratbox-services, a services package for use with IRCd-ratbox, is now available as version 1.2.3 in its stable tree.


They are “highly configurable, with nearly all options being set in a config that can be rehashed rather than set at compile time. It also uses the SQLite database backend, which works as a database interface to a normal file, meaning no separate database software must be running”.

The new release has some feature additions for their channel listing service, ALIS, which now lets you search for channels with the +S mode (SSL-only channels). This release also fixes a +S/ALIS related “minor buffer overflow” at the same time.

Besides a small number of other bugfixes, there is also a fix for permanent bans set via chanserv that were not being applied to users joining the channel in question.

The announcement on their mailing list says that “everyone running ratbox-services-1.2.2 should upgrade to this version”, so grab the download from here and perform the upgrade ;)

ratbox-services version 1.2.2 released

ratbox-services, a services package for use with IRCd-ratbox, is now available as version 1.2.2 in its stable tree.


They are “highly configurable, with nearly all options being set in a config that can be rehashed rather than set at compile time. It also uses the SQLite database backend, which works as a database interface to a normal file, meaning no separate database software must be running”.

The new version, aside from various bugfixes, also contains a fix for a potential user-triggerable crash bug.

According to the changelog, this crash could be triggered by “a user changing their email address with userserv”, so this is a recommended upgrade if you are running these services.

The download for version 1.2.2 can be found here.

New ircd-ratbox stable release fixes crashbugs [Updated]

Developer androsyn has just announced the availability of ircd-ratbox 2.2.9, a new release in their stable branch, shortly after the release of a new version in their testing branch.

Upgrading is strongly advised, since this release fixes two crash bugs that can be triggered by users.

The functions that can potentially lead to a crash of the IRC daemon are said to be “/quote HELP” and “/links”; however, the exact commands are not mentioned in the announcement. We will update this post once more details are known.

The downloads for the updated IRCd can be obtained here.

[Update]: The testing branch seems to be affected by one of these bugs too and has been updated to version 3.0.6.