• English
  • עברית עברית
  • Français Français
  • Nederlands Nederlands
  • Suomi Suomi
  • Deutsch Deutsch
  • Svenska Svenska

Latest News

Merry Xmas!

QuakeNet staff wishes everyone a Merry Christmas and a Happy New Year. Thanks for your continuing support!

Read the rest 0 comments

New server link

New Server stockholm.se.quakenet.org As of this week we are welcoming a new server to the game, its stockholm.se.quakenet.org kindly hosted by Sunet. While we are getting a new server, we are losing an old one. Since last week portlane.se.quakenet.org has ...

Read the rest 0 comments

dreamhack.se delink

dreamhack.se delink It's with great sadness that we after almost 10 years of great service have to announce that dreamhack.se.quakenet.org will be delinking later this week. This is due to dreamhack restructuring their online services within Scandinavia. QuakeNet would like ...

Read the rest 0 comments

Q chanlev vulnerability -

Posted by cro on Thursday 07 February 2002

A flaw has been discovered in the chanlev command of Q, the channel service bot. It revolves around the way chanlev parses the command passed to it. What this means is that it is possible to grant someone owner status (+n) in your channel without actually realising it.

The flaw happens when you type a word containing 'n' as part of the chanlev command. For example:

chanlev #channel #nick +ano will grant the user #nick owner status, as you have specifically granted this flag.
chanlev #channel #nick +ao/n will also grant the person owner status.

We have seen a number of users who have been tricked into typing **chanlev

channel #nick +av/only!** - which grants the owner (+n) flag. We consider

this to be an exploit of Q and any user who tricks a channel owner into using this command to steal the channel owner flag will be dealt with appropriately.

Please log in to post comments.
There aren't any comments for this news post.