IRC-Junkie.org – IRC News

All about Internet Relay Chat

KVIrc 3.x and 4.x Remote Command Execution Vulnerability

All current versions of the KVIrc IRC client contain a remotely exploitable command execution vulnerability, including builds of KVIrc 4 from subversion up to revision 4692 as well as the older 3.x versions.

The bug, triggered by inserting carriage returns (\r) into DCC GET commands, can be used to execute every command the IRCd understands in the context of the user running the vulnerable client instance.

To check if your version is exploitable you can either take a look at the “About KVIrc” tab under “Help” and check the revision or execute the following command on IRC:

/echo $version

To make matters worse, whole channels can be exploited at once if they don’t have a mode set that disallows CTCPing them.

A quick workaround is to execute the following command, which stops the client from sending notifications for those “failed” DCC handshakes and thereby disables the bug:

/option boolNotifyFailedDccHandshakes 0

To see if you’ve already been exploited you can take a look in your server window and search for lines that look similar to these:

[01:27:46] Processing DCC GET PRIVMSG #kvirc :I’m owned
request from ATTACKER [ATTACKER@HOSTNAME] (DCC GET\rPRIVMSG\40#kvirc\40:I’m\40owned\r)
[01:27:46] Unable to process the above request: Unknown DCC type ‘GET PRIVMSG #KVIRC :I’M OWNED ‘, Ignoring and notifying failure
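A scanner for the log indicators shown above, as an added example that is not part of the original article or of KVIrc. It assumes log lines shaped like the sample (the fourth sample line is constructed) and that the carriage return appears in the log as a literal `\r` escape; the function names are hypothetical.

```python
import re

# Failure notice; captures the DCC type text the client reported.
UNKNOWN_TYPE = re.compile(r"Unknown DCC type\s+(.+?),\s*Ignoring", re.IGNORECASE)
# Raw request echoed in parentheses at the end of a line.
RAW_REQUEST = re.compile(r"\((DCC\s.*)\)\s*$")
# CR/LF as real control characters or as printed escapes (assumed rendering).
LINE_BREAK = re.compile(r"[\r\n]|\\r|\\n")
QUOTES = "‘’'\"` "

# Constructed sample: lines 1-3 follow the article, line 4 is a benign failure.
SAMPLE_LINES = [
    r"[01:27:46] Processing DCC GET PRIVMSG #kvirc :I’m owned",
    r"request from ATTACKER [ATTACKER@HOSTNAME] (DCC GET\rPRIVMSG\40#kvirc\40:I’m\40owned\r)",
    r"[01:27:46] Unable to process the above request: Unknown DCC type "
    r"‘GET PRIVMSG #KVIRC :I’M OWNED ‘, Ignoring and notifying failure",
    r"[01:30:02] Unable to process the above request: Unknown DCC type "
    r"‘FOO’, Ignoring and notifying failure",
]
SAMPLE_LOG = "\n".join(SAMPLE_LINES)


def scan_line(line):
    """Return the reasons this log line looks like an injected DCC request."""
    reasons = []
    m = UNKNOWN_TYPE.search(line)
    if m:
        dcc_type = m.group(1).strip(QUOTES)
        # A genuine DCC type is one token; extra words were smuggled in after it.
        if len(dcc_type.split()) > 1:
            reasons.append("multi-word DCC type: " + dcc_type)
    m = RAW_REQUEST.search(line)
    if m and LINE_BREAK.search(m.group(1)):
        reasons.append("line break inside DCC request")
    return reasons


def scan_log(text):
    """Scan a whole log; return (line_number, line, reasons) for each hit."""
    hits = []
    for number, line in enumerate(text.split("\n"), start=1):
        reasons = scan_line(line)
        if reasons:
            hits.append((number, line, reasons))
    return hits


if __name__ == "__main__":
    for number, line, reasons in scan_log(SAMPLE_LOG):
        print(number, "; ".join(reasons))
```

A hit only shows that a malformed request reached the client; whether a command was actually relayed depends on whether the workaround or an updated build was in place at the time.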

Updated builds of KVIrc are available on their homepage – some distributions also already have updated builds in their repository. If you can’t update because your distribution is not among those with updated builds, the workaround keeps you from falling prey to possible attackers.

Original report on KVIrc bugtracker
Advisory on Secunia.com

  Copyright secured by Digiprove

KVIrc 4.0.0 "Insomnia" is available for download

The KVIrc project just announced the final version in the new stable branch of their IRC client, KVIrc 4.0.0 “Insomnia”.

Two months after the latest release candidate, and with more than 500 bugfixes from the bugtracker alone, this new version now depends on Qt4, which the developers say is “a great framework to base KVIrc on, far better than Qt3”.

Notable changes from the last stable, KVIrc 3.4.2, are added support for server extensions such as CAPs, SASL, STARTTLS and services packages. DCC support has been enhanced with UPnP, which automatically opens ports in routers so you don’t need to worry about proper port-forwarding anymore.

Compatibility with various operating systems such as Mac OS X, Windows 7 and KDE4 has been improved and the “totally rewritten” MDI subsystem allows for a clean integration with your OS, adapting to the look and feel you’re used to.

Scripters will find a plethora of changes and additions, and a visual class editor has been added to ease the development of custom scripts. KVIrc’s support for user avatars has been improved too – now you can have animated avatars, and getting the avatar from one person no longer requires CTCPing the whole channel.

An interesting addition in 4.0.0 is the ability to have a video chat over DCC – but other nice-to-have improvements made it into this release too: A graphical addon-manager, an improved and rewritten bandwidth monitor and direct media playback using the Phonon library – just to name a few.

If you are curious and would like to try out the new KVIrc 4.0.0 stable, you can find the download (currently source code only) here and to read the full announcement click here.


KVIrc 4.0 RC3 is available for testing

HelLViS69 of the KVIrc project just announced that release candidate 3 of their IRC client in the 4.0 branch is available for testing.

The changelog sounds pretty interesting and the client seems to have gotten lots of new features and more than 200 bugs have been fixed since RC1.

In the announcement, developer HelLViS69 lists the new features in this build, such as an “automagical wizard to create theme packages, the new class editor (no more classes in aliases!), the smart nick coloring which permits to select your favourite fore/background color”.

But how about something revolutionary? Developer CtrlAltCa has something in store for us:

DCC Video Chat – yes, you read that right and no, this is no April Fools joke ;) But a picture says more than 1000 words:

KVIRC DCC Video Chat

The picture shown is from an early implementation of DCC Video and only uses SJPEG so the video quality should be much better with the current Ogg Theora codec. Sadly, this feature is currently only available for Linux users of KVIrc since it uses the V4L/V4Lv2 backends.

Developer CtrlAltCa however says that there will be a cross-platform implementation using Phonon as its backend, so multi-platform DCC Video Chat will be just a matter of time.

The complete changelog for KVIrc 4.0 RC3 can be found here and the download can be found here.


KVIrc recommends updates for freenode users

The KVIrc team has issued an update of their IRC client although it’s technically still at RC2.

The update is recommended for all users of the freenode IRC network who experience problems with “Excess Flood” disconnects from the network, mostly due to autojoining a large number of channels where the client automatically issues a series of commands (/WHO, gets channelmodes and lists of bans as well as ban and invite exemptions) – none of these have been rate-limited in the past.

Also, users of the psyBNC and ZNC bouncers (possibly others too) that experienced a bug with the client – searching for CAPABILITIES would hang the connection – can look forward to a fix for that in the new snapshots.

If you want to use a version from their SVN repository, you’re urged to use at least revision 3940 if you’re experiencing said “Excess Floods” and if you want to use features like quiet bans and authentication via SASL (which have been introduced lately on freenode) you should install at least revision 3959.

To retrieve KVIrc from SVN use this command:

svn co https://svn.kvirc.de/svn/trunk/kvirc

To get an already compiled version, take a look at their snapshot directories for your OS on their FTP.

KVIrc 4.0 RC2 tagged [Updated]

Just a few minutes ago, HelLViS69 released RC2 of the IRC client KVIrc.

He writes that they “are proud to release the next release candidate. This release contains a huge amount of bugfixes, a cleaner and readable code, some new features including the new ISO standards for file sizes and datetimes format and a new automagical wizard to create addons.”

For now, there is only the possibility to checkout your copy from their SVN repository but he writes that “snapshots for the different OSes/arches will follow in the next days.”

He writes that users of the release candidate should feel free to “blame us for what’s still not working on our bugtracker, so that we can hear you and fix it before the final release” and thanks all people that are “involved in the project that everyday work together to make this happen, all users which report us all glitches and bugs allowing us to improve and spread this wonderful irc client to the world”.

Closing his announcement he writes that they’re “still on a long way to the stable 4.0, but we’re one step further now and we’re getting really close.”

[Update] The Win32 packages are now available from http://unoamolti.net/kvirc/