Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Query buffers can be hijacked by malicious users #892

Closed
Vaesper opened this issue Jan 20, 2017 · 0 comments
Assignees
Labels
bug
Milestone

Comments

@Vaesper
Copy link

@Vaesper Vaesper commented Jan 20, 2017

I sometimes notice an open query buffer with a user I have never contacted. When I check the contents of the buffer, I see something like:

⟪ │ bonafide (bonafide@bonafide.user) has quit (*.net *.split)
⟫ │ bonafide (malafide@malafide.user) is back on server

The only reason I can even tell is because the "new" bonafide /nick'ed to malafide later which changes the query buffer name in the buffer list. The "topic" bar even still has the old hostmask (bonafide@bonafide.user).

@flashcode flashcode added the bug label Jan 21, 2017
@flashcode flashcode added this to the 2.7 milestone Oct 6, 2019
@flashcode flashcode closed this in 876a0a1 Oct 11, 2019
@flashcode flashcode removed the in progress label Oct 11, 2019
flashcode added a commit that referenced this issue Nov 8, 2019
… (issue #892)

This is because the bitlbee server causes the warning to be displayed when it
is not expected (the address of remote nick changes multiple times on login).
@flashcode flashcode self-assigned this Nov 8, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.