[7383] in bugtraq


Re: Another NEW mIRC bug and ALL mIRC Exploit patches

daemon@ATHENA.MIT.EDU (Mike Zimmerman)
Sun Jul 26 04:07:46 1998

Date: 	Sat, 25 Jul 1998 21:36:34 -0400
Reply-To: Mike Zimmerman <tarmon@HOTMAIL.COM>
From: Mike Zimmerman <tarmon@HOTMAIL.COM>
X-To:         Derek Reynolds <derek@INFINET.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <1.5.4.32.19980724121751.00691b08@infinet.com>

The author of mIRC has released v5.41 as of today to address these security
holes and various other bugs in the 5.4 release. It can be found at
http://www.mirc.co.uk/.

Mike Zimmerman


At 08:17 AM 7/24/98 -0400, Derek Reynolds wrote:
>History of Events: (Remote Exploits)
>
> 07/18/98 - Someone on DALnet finds problem with DCC SEND and DCC RESUME
>            (exploit made)
>
> 07/20/98 - $asctime bug revealed
>
> 07/21/98 - myn discovers a large problem with $calc and notices that most
>            scripts that use on ctcpreply ping perform a $calc. He then
>            implements the $asctime bug into on ctcpreply ping which enables
>            a user to remotely crash the mIRC client
>
> 07/22/98 - v9 evaluates myn's bug finding and plays with on ctcpreply some
>            more and finds that $calc evaluates custom aliases or functions.
>
> 07/23/98 - Some uninformed person believes that it is on IRCN native and
>            posts a message to rootshell.com and forgets the big picture.
>            Any mIRC script that makes use of the event "ON CTCPREPLY PING"
>            which does a $calc or any other remote/event that uses $calc is
>            exploitable.
>
>
>Most people are only patching themselves against the $calc bug, but are
>still wondering why their mIRC keeps crashing. It's because they have not
>patched themselves against the 2 other remote mIRC exploits.
>
>Below is the patch for ALL known remote mIRC exploits.
>To install it, type "/load -rs m54-fix-sploits.mrc"
>
>Peace.
>
>myn@efnet
>
>
>
>
