Mirc Critical Bug

GovernmentSecurity.org > The Archives > General Network Security

boshcash

Oct 14 2003, 01:54 PM

there is a critical mirc bug in all versions except 6.12
Upgrade or disable dcc before someone crashes u

see : http://www.securiteam.com/windowsntfocus/6...6I00C158KM.html for advisory
see : http://www.securiteam.com/exploits/6J00D158KO.html for exploit
Also there is an irc:// handling bug

see : http://www.securiteam.com/windowsntfocus/6...6M00B0U8KE.html

Just take care , maybe one of these bugs would evolve to run commands on your system !

Evilman

Oct 14 2003, 02:59 PM

source: source-warp2search

mIRC v6.12 has been released to address a remote vulnerability found yesterday, capable of crashing your mIRC. The vulnerability affects versions of mIRC from v6.0 onwards, so it is highly recommended that you upgrade to mIRC v6.12:

Update: Thanks to Mr A looks like we've found a fresh bug in mIRC v6.12 ... Read More

well it's me another time... just installing 6.12 i found a big bug in mirc 6.12

it sems that making a whois to some user with lots of channels like some bots.. make a buffer overflow .. this can be explotable easy.

mIRC.com or mIRC.co.uk

coder

Oct 14 2003, 03:28 PM

mIRC is for L-USERS!

ircII ownz all

icedealer

Oct 14 2003, 06:07 PM

ohh woow coder..
i bow to u...
ircII is for ppl with lnx the best client and mirc for ppl with win

i got alot windows pcs and alot lnx pcs...
so i use both ..
now i'm a lewser OH NOOOO *cRy*

hermel

Oct 15 2003, 10:20 AM

Take a look here to fix it.

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.


Help - Search - Member List - Calendar Full Version: Mirc Critical Bug GovernmentSecurity.org > The Archives > General Network Security boshcash Oct 14 2003, 01:54 PM there is a critical mirc bug in all versions except 6.12 Upgrade or disable dcc before someone crashes u see : http://www.securiteam.com/windowsntfocus/6...6I00C158KM.html for advisory see : http://www.securiteam.com/exploits/6J00D158KO.html for exploit Also there is an irc:// handling bug see : http://www.securiteam.com/windowsntfocus/6...6M00B0U8KE.html Just take care , maybe one of these bugs would evolve to run commands on your system ! Evilman Oct 14 2003, 02:59 PM source: source-warp2search mIRC v6.12 has been released to address a remote vulnerability found yesterday, capable of crashing your mIRC. The vulnerability affects versions of mIRC from v6.0 onwards, so it is highly recommended that you upgrade to mIRC v6.12: Update: Thanks to Mr A looks like we've found a fresh bug in mIRC v6.12 ... Read More well it's me another time... just installing 6.12 i found a big bug in mirc 6.12 it sems that making a whois to some user with lots of channels like some bots.. make a buffer overflow .. this can be explotable easy. mIRC.com or mIRC.co.uk coder Oct 14 2003, 03:28 PM mIRC is for L-USERS! ircII ownz all icedealer Oct 14 2003, 06:07 PM ohh woow coder.. i bow to u... ircII is for ppl with lnx the best client and mirc for ppl with win i got alot windows pcs and alot lnx pcs... so i use both .. now i'm a lewser OH NOOOO cRy hermel Oct 15 2003, 10:20 AM Take a look here to fix it. This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.