• English
  • עברית עברית
  • Français Français
  • Nederlands Nederlands
  • Suomi Suomi
  • Deutsch Deutsch
  • Svenska Svenska

Latest News

port80.se delink

port80.se.quakenet.org delinking. It is with great sadness that we must farewell port80.se from QuakeNet after nearly 20 years of service. Unfortunately the hardware problems they were experiencing could not be resolved, and so the decision to delink the server was ...

Read the rest 3 comments

Merry Xmas!

QuakeNet staff wishes everyone a Merry Christmas and a Happy New Year. Thanks for your continuing support!

Read the rest 2 comments

New server link

New Server stockholm.se.quakenet.org As of this week we are welcoming a new server to the game, its stockholm.se.quakenet.org kindly hosted by Sunet. While we are getting a new server, we are losing an old one. Since last week portlane.se.quakenet.org has ...

Read the rest 3 comments

Q chanlev vulnerability -

Posted by cro on Thursday 07 February 2002

A flaw has been discovered in the chanlev command of Q, the channel service bot. It revolves around the way chanlev parses the command passed to it. What this means is that it is possible to grant someone owner status (+n) in your channel without actually realising it.

The flaw happens when you type a word containing 'n' as part of the chanlev command. For example:

chanlev #channel #nick +ano will grant the user #nick owner status, as you have specifically granted this flag.
chanlev #channel #nick +ao/n will also grant the person owner status.

We have seen a number of users who have been tricked into typing **chanlev

channel #nick +av/only!** - which grants the owner (+n) flag. We consider

this to be an exploit of Q and any user who tricks a channel owner into using this command to steal the channel owner flag will be dealt with appropriately.

Please log in to post comments.
There aren't any comments for this news post.