[8530] in bugtraq
Old IRC Client bug Re-Applied
daemon@ATHENA.MIT.EDU (rewt@midsouth.rr.com)
Fri Nov 13 13:30:28 1998
Date: Thu, 12 Nov 1998 11:20:56 -0600
Reply-To: "rewt@midsouth.rr.com" <rewt@MIDSOUTH.RR.COM>
From: "rewt@midsouth.rr.com" <rewt@MIDSOUTH.RR.COM>
To: BUGTRAQ@NETSPACE.ORG
If this has already been announced, well, screw me.
Problem:
The IRC (Internet Relay Chat) Client, pIRCh automatically assigns
your main pirch directory to where DCC downloads are sent.
Exploit:
You can replace someone's script file with a malicious one,
therefore receiving control over an ignorant IRC tenant. This can be
done by sending a replacement file via DCC to the user. Most
people could tell the user that it was something cool, and they
would accept it.
Fix:
Simply go to Tools.. then Preferences. Flip to the DCC tab and
change your default DCC receive directory to something that is not
the main pIRCh directory.
Tested On:
pIRCh32 0.92
If there's a new version out that fixes it, well crap, I'm sorry for
taking up your time.
Cheers,
REwT <rewt@midsouth.rr.com>
PaKT-TeCH Sekurity | REwT Technologies
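
Added example (not part of the original post, and not pIRCh code): a Python check that a client could apply before writing a DCC transfer to disk, following the fix described above. The function names, the rename scheme and the directory layout are assumptions made for illustration.

```python
from pathlib import Path, PureWindowsPath


class UnsafeReceiveDir(Exception):
    """The DCC receive directory is the client's own directory."""


def check_receive_dir(receive_dir, app_dir):
    """Return the resolved receive directory, refusing the client's own directory.

    resolve() normalises relative parts and symlinks, so "app/sub/.." is caught too.
    """
    recv = Path(receive_dir).resolve()
    app = Path(app_dir).resolve()
    if recv == app:
        raise UnsafeReceiveDir(f"receive directory {recv} is the client directory")
    return recv


def target_path(receive_dir, app_dir, offered_name):
    """Choose where an offered file is written, without replacing any existing file."""
    recv = check_receive_dir(receive_dir, app_dir)
    # The sender chooses the name: keep only its last component, for both
    # "\" and "/" separators, so it cannot point outside the receive directory.
    name = PureWindowsPath(offered_name).name
    if name in ("", ".", ".."):
        raise ValueError("offered file name has no usable final component")
    stem, suffix = Path(name).stem, Path(name).suffix
    candidate, n = recv / name, 1
    # Never overwrite: an existing file keeps its name, the new one is renamed.
    while candidate.exists():
        candidate = recv / f"{stem}.{n}{suffix}"
        n += 1
    return candidate
```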