• English
  • עברית עברית
  • Français Français
  • Nederlands Nederlands
  • Suomi Suomi
  • Deutsch Deutsch
  • Svenska Svenska

Latest News

BlizzCon 2019

BlizzCon returns to the Anaheim Convention Center once again! Welcome to the most epic family reunion on the planet. BlizzCon is a place where friendships are forged, heroes come to life, and the most passionate community in the world takes ...

Read the rest 0 comments

HYPERCHARGE: Unboxed full version giveaway!

QuakeNet is holding a giveaway for the full version of "HYPERCHARGE: Unboxed" for our PC users. The giveaway starts at 18:00 CEST and ends at 20:00 CEST on Thursday the 5th of September. You're a small plastic soldier with a ...

Read the rest 0 comments

The International 2019 (dota2)

The International 2019 is the concluding tournament of the Dota Pro Circuit and the ninth annual edition of The International. The tournament will be held on Chinese soil for the first time, as it moves to the Mercedes-Benz Arena in ...

Read the rest 0 comments

Q chanlev vulnerability -

Posted by cro on Thursday 07 February 2002

A flaw has been discovered in the chanlev command of Q, the channel service bot. It revolves around the way chanlev parses the command passed to it. What this means is that it is possible to grant someone owner status (+n) in your channel without actually realising it.

The flaw happens when you type a word containing 'n' as part of the chanlev command. For example:

chanlev #channel #nick +ano will grant the user #nick owner status, as you have specifically granted this flag.
chanlev #channel #nick +ao/n will also grant the person owner status.

We have seen a number of users who have been tricked into typing **chanlev

channel #nick +av/only!** - which grants the owner (+n) flag. We consider

this to be an exploit of Q and any user who tricks a channel owner into using this command to steal the channel owner flag will be dealt with appropriately.

Please log in to post comments.
There aren't any comments for this news post.