This is as of yet unconfirmed, and _VERY_ unlikely. A fellow operator of #mIRC on Efnet (Sojourn) tried to talk to the person who created this chaos, log here: http://mirc.stealth.net/bughoax.txt This is most likely a hoax, and/or a misinformed user. The reason you can't find code or details on the bug is simply because it doesn't exist. Many people I've spoken to (along with me) have mailed BUGTRAQ about this (in an attempt to stop the unfounded panic), but it seems none of the informed responses have been approved yet. -chris -----Original Message----- From: Weiss, Bill [mailto:bill_weissat_private] Sent: Monday, April 23, 2001 12:22 AM To: VULN-DEVat_private Subject: recent mIRC vulnerability The existance of "remote control" possibilities in mIRC worry me. Does anyone have the specs on the the things that can be done? I'm not asking for exploits to do damage, just doing /say I'm in trouble! would be quite aquedate. Can anyone help me out? (seriously, I'm not looking for 0-day. no code is being asked for)
This archive was generated by hypermail 2b30 : Mon Apr 23 2001 - 21:41:56 PDT