IRC-Junkie.org – IRC News

All about Internet Relay Chat

Vulnerability in Eggdrop / Windrop 1.6.19

A vulnerability in the Eggdrop and Windrop bot has been found which prompts a new release.

The vulnerabilitiy is present in both latest versions of the bot software 1.6.19 which has been released back in April 2008.

A posting on the Full Disclosure mailinglist goes into more detail, describing how one can at least crash vulnerable bots:

One possible exploit anyone can send to the IRC server to crash eggdrop:

PRIVMSG eggdrop :\1\1

The only resolution at this time is upgrading old bots with the provided fix.

Category: Hack, IRC, Software
  • Elmaron says:

    Those spreading CTCP parser bugs in multiple projects start to get ashaming I find (I also heard of Linkinus having issues, although not crashing).

    May 20, 2009 at 4:21 pm

Your email address will not be published. Required fields are marked *

*