Re: [net-com] Bug in Mirc v5.82

From: Chris Huseman (chrish@A-T-G.COM)
Date: Sun Apr 22 2001 - 19:44:36 PDT

Next message: Jim Knoble: "Re: Redhat 7 insecure umask"

Previous message: Nick FitzGerald: "Re: Double clicking on innocent looking files may be da ngerous"
In reply to: Chris King: "Fw: [net-com] Bug in Mirc v5.82"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The proposed "fix" will not accomplish anything if the "bug" is actually
internal to mIRC.

If I was to speculate as to what is really going on, based on what little
information this email contains, I would suggest that the client that was
'controlable' had a trojan script installed.  I've been a long time operator
on #mIRC on Efnet, and this seems to be the case more and more frequently.
Ultimately, you just can't trust scripts that other people hand you without
looking at the code yourself.. this is just common sense.

I surely hope that this isn't some type of attention-grabbing intentional
false alert.  It appears that the reporter of this bug hasn't contacted
Khaled (the author of mIRC), or posted a bug report on mIRC's online forums.

This bug report is _FALSE_, please deal with it accordingly.

-chris


-----Original Message-----
From: Bugtraq List [mailto:BUGTRAQat_private]On Behalf Of Chris
King
Sent: Sunday, April 22, 2001 8:27 AM
To: BUGTRAQat_private
Subject: Fw: [net-com] Bug in Mirc v5.82


----- Original Message -----
From: Trax <traxsterat_private>
To: opers-xnet <opersat_private>
Cc: net-com-xnet <net-comat_private>
Sent: Sunday, April 22, 2001 1:40 PM
Subject: [net-com] Bug in Mirc v5.82


> There is a bug in mirc v5.82 that allows remote control of clients via
> /quote and /ctcp  (not the ctcp *:*:*:* code tho), this is different, it's
> the mirc coder's fault.
>
> Simple solution:
> Downgrade mirc to v5.81 till a fix/new mirc comes out.
>
> Other Solution:
> Put these in your remotes as they are printed here:
>
> ctcp 1:finger:haltdef
> ctcp 1:userinfo:haltdef
> ctcp 1:clientinfo:haltdef
> ctcp 1:ping:haltdef
> ctcp 1:time:haltdef
> ctcp 1:sound:haltdef
> ctcp 1:msg:haltdef
> ctcp 1:/msg:haltdef
>
>
> From my point of view, this *may* screw up your scripts, so the downgrade
is
> the easier option.
>
> This hole in mirc enable's people to remotely control people using mirc
> v5.82 using /quote and /ctcp.  This morning on another network, someone
did
> it to an ircop and globaled, if they wanted to they could have
> killed/akilled people.
>
> So please either ditch Mirc v5.82 or insert the above code.
>
> Laters
> Trax.
>
>
>

Next message: Jim Knoble: "Re: Redhat 7 insecure umask"
Previous message: Nick FitzGerald: "Re: Double clicking on innocent looking files may be da ngerous"
In reply to: Chris King: "Fw: [net-com] Bug in Mirc v5.82"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Apr 23 2001 - 17:04:32 PDT