mIRC irc:// Vulnerability and Nickname Buffer Overflow

Discussion in 'Windows Desktop Systems' started by Kr0m, Mar 16, 2002.

  1. Kr0m

    Kr0m Moderator

    Turtle Island
    IRC (Internet Relay Chat) is a virtual meeting place where people from all over the world can meet and talk; you'll find the whole diversity of human interests, ideas, and issues here, and you'll be able to participate in group discussions on one of the many thousands of IRC channels, or just talk in private to family or friends, wherever they are in the world. To use IRC you need a small program like mIRC, a shareware IRC client for Windows. Two security vulnerabilities in the product would allow a remote attacker to cause the mIRC program to execute arbitrary code by causing it to first connect to a malicious server.

    Vulnerable systems:
    mIRC version 5.91
    mIRC version 5.9
    mIRC version 6.0
    (All prior versions should be considered vulnerable)

    I refuse to show the link to where I got this information publicly as it shows the details of the exploit. Contact me if you want more information.
  2. insaNity

    insaNity Guest

    thanks for the tip. The complete article was an interesting read :p