Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Generic)  >   SorIrcd Vendors:   Mysidia
SorceryNet IRC Daemon (SorIrcd) Chat Server May Disclose User IP Addresses to Remote Users
SecurityTracker Alert ID:  1003047
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Dec 24 2001
Impact:   Disclosure of system information
Exploit Included:  Yes  
Version(s): Prior to version 1.3.3.p1
Description:   An information disclosure vulnerability was reported in the SorceryNet IRC daemon (SorIrcd). A remote user could learn of the IP addresses of other IRC users.

It is reported that the server may leak information concerning user IP addresses. No further details about the nature of this vulnerability were provided.

Impact:   A remote user could learn of the IP addresses of other IRC users.
Solution:   Upgrade to version 1.3.3.p1, available at:

Vendor URL: (Links to External Site)
Cause:   Not specified
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   None.

 Source Message Contents

Subject:  SorceryNet IRC Daemon 1.3.3.p1

[044] - SorceryNet IRC Daemon 1.3.3.p1 (Current)
  by Mysidia (
  Thursday, December 20th 2001 04:08

Communications :: Chat :: Internet Relay Chat

About: SorIrcd is a relatively stable IRC daemon derived from dal4.4.10
which was based on irc2.8.mu3.  SorIrcd's features include open proxy
detection, HUSH and UNHUSH commands for silencing flooders, IP address
hiding, oper channel mode hacking (option), logging of network events
mode hacks), and a number of other extensions.

Changes: Possible information leaks concerning user IP addresses have
closed, new channel modes have been added to block colors and masked
Also included are new ban features, and the integration of DreamForge's
improved /list command. Efficiency improvements have been made to
ban handling, nick changes by users in moderated channels is blocked, as
well as some other security and usability improvements.

License: GNU General Public License (GPL)



Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC