The author of mIRC has released v5.41 as of today to address these security holes and various other bugs in the 5.4 release. It can be found at http://www.mirc.co.uk/. Mike Zimmerman At 08:17 AM 7/24/98 -0400, Derek Reynolds wrote: >History of Events: (Remote Exploits) > > 07/18/98 - Someone on DALnet finds problem with DCC SEND and DCC RESUME >(exploit made) > > 07/20/98 - $asctime bug revealed > > 07/21/98 - myn discovers a large problem with $calc and notices that most >scripts that > use on ctcpreply ping perform a $calc. He then implements the >$asctime bug > into on ctcpreply ping which ables a user to remotely crash the >mIRC client > > 07/22/98 - v9 evaluates myn's bug finding and plays with on ctcpreply some >more and finds that $calc evaluates custom alias's or functions. > > 07/23/98 - Some uninformed person believes that it is on IRCN native and >posts a message to rootshell.com and forgets the big picture. >Any mIRC script that makes use of the event "ON CTCPREPLY PING" >which does a $calc or any other remote/event that uses $calc is >exploitable. > > >Most people are only patching themselves against the $calc bug, but are >still wondering why their mIRC keeps crashing.. Its because they have not >patched themselves against the 2 other remote mIRC exploits. > >Below is the patch for ALL known remote mIRC exploits. >to install it type "/load -rs m54-fix-sploits.mrc" > >Peace. > >myn@efnet > > > >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:08:05 PDT