Eggheads: Share module security bug posting on BugTraq list
daro at deds.nl
Wed Feb 11 06:24:36 CST 2004
----- Original Message -----
From: "Tom Sutterfield" <tsutterfield at cox.net>
To: "Eggdrop Discussion List" <eggheads at eggheads.org>
Sent: Wednesday, February 11, 2004 12:29 PM
Subject: Eggheads: Share module security bug posting on BugTraq list
> I was just wondering if any of you coders had seen it, and whether it was
> bug, or not.
The origenal mail was send to bugtrug @ securityfocus and a cc of that
mail was send to the eggdev list.
A response by Guppy was.
"This patch has been applied to the latest CVS copy with the correct
There is also a patch for the problem so.
It is a valid bug but :
This bug only effects users that set allow-resync to 1. allow-resync is set
to 0 by default with the note that using it "is not recommended," so
probably most users are not vulnerable.
So, you do not need to disable share.mod entirely, just make sure that
allow-resync is set to 0 in the *.conf file.
[quote van BarkerJr]
bobjuh at vicci.invalid Change .invalid to .nl
More information about the Eggheads