Archive for the ‘Software’ Category

IRC Defender arbitrary code execution exploit

Monday, November 28th, 2011

Yesterday, news broke that there is an arbitrary code execution exploit within the still popular IRC security service IRC Defender which is, according to the reporter, being actively exploited.

The flaw is said to be within the InspIRCd link module for which a patched version exists, but according to the original post to the IRC-Security mailinglist there are more flaws within the InspIRCd link module and also within the UnrealIRCd link module.

UnrealIRCd 3.2.9 – New stable version after 2 years

Wednesday, November 9th, 2011

UnrealIRCd, the IRCd that still dominates the usage statistics of all IRCds, has seen another stable release and is now at version 3.2.9.

The release follows 2 release candidates and brings 212 changes and bugfixes – almost as many as the last three stable releases combined – among which is a “substantial amount of new features”, as Syzop writes in the announcement.

He thanks everyone that made this release possible but especially mentions binki who did a “considerable amount of work to make this release possible”.

And indeed, there is a large number of changes – for example:

Hybrid releases 7.3.0

Sunday, August 14th, 2011

Earlier this week, Jon Lusky released a new version of ircd-hybrid. The version number has now reached 7.3.0. Among the changes you find a new Bulgarian translation, a fixed IPv6 implementation and channel modes O and S for opers-only and SSL/TLS-only clients, respectively. Server administrators now get to choose whether they want to use SSLv3 or TLSv1 to secure connections. All spy-notice modules that previously covered reports for usage of STATS, TRACE, MOTD and ADMIN have been replaced by server-side notices. The old LazyLinks concept has now been removed, as it was half broken. The WATCH command known from UnrealIRCd and Bahamut has been added. In addition to that, a few minor cleanups have been made and bugs leading to crashes have been fixed.

ii – A Filesystem-based IRC Client

Monday, September 13th, 2010

There are many different IRC clients out there and no matter what your preferences are, you’re almost guaranteed to find one that will suit your needs.

Most clients today provide some sort of graphical user interface or come with an ASCII-based interface. And while the latter, CLI-based clients, are commonly thought to be the most basic variant of an IRC client, I was surprised to find a client that manages to be even more plain: ii or IRC IT.

ii is a “minimalist FIFO and filesystem-based IRC client”, meaning every channel, private message and other server communication is represented by a directory containing an in and an out file.

KVIrc 3.x and 4.x Remote Command Execution Vulnerability

Sunday, August 1st, 2010

All current versions of the KVIrc IRC client contain a remotely exploitable command execution vulnerability, including builds of KVIrc 4 from subversion up to revision 4692 as well as the older 3.x versions.

The bug, triggered by inserting carriage returns (\r) into DCC GET commands, can be used to execute every command the IRCd understands in the context of the user running the vulnerable client instance.
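The underlying problem is the generic one for line-based protocols: IRC terminates a message at CR or LF, so a carriage return embedded in untrusted text that a client copies into an outgoing message splits it into two commands. The following added example (not KVIrc's code; the outgoing message shape and the `CRAFTED_FILENAME` sample are constructed) shows how a server would parse such a line, and the check an encoder should apply before anything reaches the socket.

```python
import re

# Characters that end or corrupt an IRC message on the wire (RFC 1459 framing):
# CR, LF and NUL must never appear inside a parameter.
_ILLEGAL = re.compile(r"[\r\n\0]")


def split_irc_messages(raw: str) -> list[str]:
    """Split a stream the way an IRC server does: messages end at CR, LF or CRLF.

    A CR embedded in what the client believed was one parameter therefore
    starts a second, attacker-chosen message.
    """
    normalised = raw.replace("\r\n", "\n").replace("\r", "\n")
    return [m for m in normalised.split("\n") if m]


def parameter_is_safe(param: str) -> bool:
    """True if the parameter contains no message-terminating control characters."""
    return _ILLEGAL.search(param) is None


def build_message_unsafe(command: str, *params: str) -> str:
    """Naive encoder: concatenates caller-supplied text unchecked."""
    return f"{command} {' '.join(params)}\r\n"


def build_message(command: str, *params: str) -> str:
    """Hardened encoder: refuse any parameter that would split the message."""
    for p in params:
        if not parameter_is_safe(p):
            raise ValueError(f"illegal control character in IRC parameter: {p!r}")
    return build_message_unsafe(command, *params)


# Constructed sample: a DCC GET filename carrying an embedded CR, the class of
# input the KVIrc report describes (the injected command here is arbitrary).
CRAFTED_FILENAME = "file.txt\rJOIN #injected"


def messages_sent_unsafe(filename: str) -> list[str]:
    """What the server receives when the client echoes the filename unchecked."""
    return split_irc_messages(build_message_unsafe("NOTICE", "peer", f":DCC GET {filename}"))


def messages_sent_safe(filename: str) -> list[str]:
    """Same path through the hardened encoder; raises ValueError on a crafted filename."""
    return split_irc_messages(build_message("NOTICE", "peer", f":DCC GET {filename}"))


if __name__ == "__main__":
    print(messages_sent_unsafe(CRAFTED_FILENAME))  # two messages: the JOIN was smuggled in
    print(messages_sent_safe("file.txt"))          # one message, as intended
```

The same rejection (or stripping) belongs at every point where remote-controlled text, such as a nickname, filename or CTCP payload, is copied into an outgoing line.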

To check if your version is exploitable you can either take a look at the “About KVIrc” tab under “Help” and check the revision or execute the following command on IRC: