mIRC 6.35 gets released, fixes security flaw

Hello there! If you are new here, you might want to subscribe to the RSS feed for more & updated news about the world of IRC.

You're also welcome to follow us on Twitter or join our Facebook Fanpage.

If you liked this post, please show your support by clicking on our flattr button - thank you! :)

Little over one month after the last release of the popular IRC-client, a new version becomes public.

According to the website the update is due to a security flaw concerning “very long nicknames on non-standard servers” and it is therefore a recommended upgrade for everyone.

Also, it seems the exploit code for the mentioned vulnerability is already in the wild so it’s advised to update in a timely manner or deploy the following workaround if an upgrade is not possible:

on ^*:OPEN:?:*:if ($len($nick) > 298) halt

The above snippet should be added to ones mIRC’s remotes and shall then prevent the hole from being exploited.

Thanks to slakker for the tip & links!

mIRC 6.33 Released "This version of mIRC continues to build on recent rele...
mIRC 6.32 Released Version 6.32 of probably the most popular IRC client ha...
mIRC 6.34 has been released 4 days ago, Khaled Mardam-Bey released a new version of...
mIRC(.com) Gets a New Face I can't remember the logo of the most popular IRC...
mIRC Local DCC Issue: Exploit, Vulnerability or Neither? mIRC has seen issues with DCC exploits in the past....

http://cdn.irc-junkie.org/wp-content/plugins/sociofluid/images/digg_48.png

http://cdn.irc-junkie.org/wp-content/plugins/sociofluid/images/reddit_48.png

http://cdn.irc-junkie.org/wp-content/plugins/sociofluid/images/dzone_48.png

http://cdn.irc-junkie.org/wp-content/plugins/sociofluid/images/stumbleupon_48.png

http://cdn.irc-junkie.org/wp-content/plugins/sociofluid/images/delicious_48.png

http://cdn.irc-junkie.org/wp-content/plugins/sociofluid/images/blinklist_48.png

http://cdn.irc-junkie.org/wp-content/plugins/sociofluid/images/blogmarks_48.png

http://cdn.irc-junkie.org/wp-content/plugins/sociofluid/images/newsvine_48.png

http://cdn.irc-junkie.org/wp-content/plugins/sociofluid/images/technorati_48.png

http://cdn.irc-junkie.org/wp-content/plugins/sociofluid/images/google_48.png

http://cdn.irc-junkie.org/wp-content/plugins/sociofluid/images/myspace_48.png

http://cdn.irc-junkie.org/wp-content/plugins/sociofluid/images/facebook_48.png

http://cdn.irc-junkie.org/wp-content/plugins/sociofluid/images/yahoobuzz_48.png

http://cdn.irc-junkie.org/wp-content/plugins/sociofluid/images/twitter_48.png

Tags: Hack, IRC, mIRC, Software

This entry was posted on Thursday, October 30th, 2008 at 10:57 pm and is filed under IRC, Software, mIRC. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

IRC-Junkie.org – IRC News

mIRC 6.35 gets released, fixes security flaw

Leave a Reply