Bugtraq mailing list archives
Re: Old IRC Client bug Re-Applied
From: admin () ATECH ORG (Security Admin)
Date: Thu, 19 Nov 1998 02:44:53 +0000
As far as I knew, Pirch development was discontinued quite sometime ago (although going to the official home page now reveals they've got a new domain), so if thats the case, fixing this bug will be up to the individual user.. although the VAST majority of windows IRC users use mIRC anyway... -pat On Thu, 12 Nov 1998, rewt () midsouth rr com wrote:
If this has already been announced, well, screw me. Problem: The IRC (Internet Relay Chat) Client, pIRCh automatically assigns your main pirch directory to where DCC downloads are sent. Exploit: You can replace someone's script file with a malicious one, therefore recieving control over an ignorant irc tenant. This can be done by sending a replacement file via DCC to the user. Most people could tell the user that it was something cool, and they would accept it. Fix: Simply goto Tools.. then Preferences. Flip to the DCC tab and change your default DCC recieve directory to something that is not the main pIRCh directory. Tested On: pIRCh32 0.92 If there's a new version out that fixes it, well crap, I'm sorry for taking up your time. Cheers, REwT <rewt () midsouth rr com> PaKT-TeCH Sekurity | REwT Technologies
Current thread:
- Re: Old IRC Client bug Re-Applied knarph () LINUX SAVANT-CORP COM (Nov 13)
- <Possible follow-ups>
- Re: Old IRC Client bug Re-Applied System Administrator (Nov 13)
- Re: your mail Cacaio Torquato (Nov 14)
- Re: your mail Casper Dik (Nov 14)
- Re: Old IRC Client bug Re-Applied Security Admin (Nov 18)
- Re: Old IRC Client bug Re-Applied IRCop (Nov 20)