| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: m0rtis at adelphia.net (Mortis) Subject: irc over ssl > are there any known issues concerning rootkits, backdoors, > cmd execution concerning an irc(with ssl) client ? I use the > irssi client to conect to a irc server with ssl.Is there a way for > the admins of the irc server to open/intrude somehow to my > pc(through the high port that the client opens to conect to the > server)? You never know, do you? That's half the fun. No noise lately with irssi. They had a small number of ooboos in the past if you google around. There was once a backdoor planted in the configuration script. That was some funny sh*t that week. The author seems to think the code is tight: > I'm quite confident that there's no security bugs in Irssi. > No buffer overflows, no format bugs (%s%s%s), no remote > exploits, nothing. I'm sure some turkey will hack it this week just to spank him for the claim. Pretty code. Lots of lists and pointers. You may be vulnerable to any of the bugs that affect openssl. Are you using the most current version? Hit me offline if you don't know how to check. Don't sit around IRCing by yourself. It can make you go blind. -- Mortis http://m0rtis.proboards30.com/ http://full-disclosure.50megs.com/
Powered by blists - more mailing lists