hackwarn.txt sent to wrong user if password inquiry is selected?
From Björn Wiberg@2:201/137 to g00r00 on Thu Mar 24 20:58:35 2022
I'm not sure, but I might have stumbled on a small bug related to password inquiries --
If a user (here, "guest") enters the wrong password a number of times ("Login Attempts" times), and chooses not to send a password inquiry to the SysOp, the file hackwarn.txt is correctly sent to the user:
N 58 Possible hack attempt Zip guest
But if the user chooses to send a password inquiry to the SysOp, the recipient of hackwarn.txt appears to become the same as that of the password inquiry (i.e. the "Feedback To" user):
N 59 Password Inquiry Unknown Zip
N 60 Possible hack attempt Zip Zip
Here, I would have expected the recipient of the last email to be "guest" instead of "Zip".
Is this also so for you?
Thanks in advance!
--- Mystic BBS v1.12 A48 2022/03/11 (Linux/64)
* Origin: Star Collision BBS, Uppsala, Sweden (2:201/137)
Mon Aug 15 11:08:27 2022
Mon Aug 15 09:55:12 2022
Mon Aug 15 09:50:48 2022
Mon Aug 15 08:23:58 2022
Graham, Wa Usa