<<< Date Index >>>     <<< Thread Index >>>

Re: [irc-security] Multiple vulnerabilities in ircu



Colin Alston wrote:
Please be careful labeling something as "vulnerabilities" when they aren't. You've described software bugs which should be reported to the maintainer, none of them so far as I can see are vulnerabilities or exploits.
I can see crashbugs, operfloods, channel takeovers and ways to find out people's IP addresses who think they are hidden thanks to the IP hiding feature.
Having this malfunction certainly looks like a vulnerability to me.

Most vulnerabilities are indeed software bugs, and the exploits are actually documented in the post you comment on.

Tom