Re: Old IRC Client bug Re-Applied

[admin () ATECH ORG (Security Admin)]

As far as I knew, Pirch development was discontinued quite sometime ago
(although going to the official home page now reveals they've got a new
domain), so if thats the case, fixing this bug will be up to the
individual user.. although the VAST majority of windows IRC users use mIRC
anyway...

-pat

On Thu, 12 Nov 1998, rewt () midsouth rr com wrote:

> If this has already been announced, well, screw me.
>
> Problem:
> The IRC (Internet Relay Chat) Client, pIRCh automatically assigns
> your main pirch directory to where DCC downloads are sent.
>
> Exploit:
> You can replace someone's script file with a malicious one,
> therefore recieving control over an ignorant irc tenant. This can be
> done by sending a replacement file via DCC to the user. Most
> people could tell the user that it was something cool, and they
> would accept it.
>
> Fix:
> Simply goto Tools.. then Preferences. Flip to the DCC tab and
> change your default DCC recieve directory to something that is not
> the main pIRCh directory.
>
> Tested On:
> pIRCh32 0.92
> If there's a new version out that fixes it, well crap, I'm sorry for
> taking up your time.
>
> Cheers,
> REwT <rewt () midsouth rr com>
> PaKT-TeCH Sekurity | REwT Technologies