IRC-Junkie.org – IRC News

All current versions of the KVIrc IRC client contain a remotely exploitable command execution vulnerability, including builds of KVIrc 4 from subversion up to revision 4692 as well as the older 3.x versions.

The bug, triggered by inserting carriage returns (r) into DCC GET commands, can be used to execute every command the IRCd understands in the context of the user running the vulnerable client instance.

To check if your version is exploitable you can either take a look at the “About KVIrc” tab under “Help” and check the revision or execute the following command on IRC:

Smuxi, the “Smart MUltipleXed” IRC client was updated to version 0.7.2.1 on Friday.

The new version contains 13 new features, fixes 29 bugs and is now available in 4 new languages – Portuguese, Danish, Finnish and Catalan, of which the latter two are currently only partially translated. Six already existing translations have been updated and project lead meebey asks interested parties to contribute and further improve them.

Interesting new features include the freshly added linemarker which inserts a red line where you last looked into the channel, a private message window or the Twitter tab – see the below screenshot:

Today we shall have a look at the various possibilities available for statistics of activity on IRC, should you decide you want to have some pretty graphs detailing the happenings in a channel or on a whole network.

Most programs presented in this article parse logfiles generated by a variety of IRC clients, with the exception of phpDenora/Denora which needs to be run as a network service to gather its stats. However, both solutions can supplement one another as one may gather and display information that the other does or even can not.

The KDE IRC client Konversation pushed out a bugfix release shortly after its 1.3 milestone which brought support for DCC Whiteboard, a collaborative drawing extension.

According to their announcement, this minor release brings quite a few bugfixes and also reverts a regression that causes “data corruption or even loss of Watched Nicknames Online lists on application quit”.

Another thing to take note of is the improvement of RFC 1459 PING/PONG handling which might have caused users of bouncers to flood the IRCd when they attach to the same connection multiple times, possibly resulting in them getting kicked off of the network.

The KVIrc project just announced the final version in the new stable branch of their IRC client, KVIrc 4.0.0 “Insomnia”.

2 months after the latest release candidate and more than 500 bugfixes from the bugtracker alone this new version now depends on Qt4 of which the developers say is “a great framework to base KVIrc on, far better than Qt3″.

Noteable changes from the last stable, KVIrc 3.4.2, are added support for server extensions such as CAPs, SASL, STARTTLS and services packages. DCC support has been enhanced with UPnP which automatically opens ports in routers so you don’t need to worry about proper port-forwarding anymore.