www.IRC-Junkie.org – IRC News

All about Internet Relay Chat

Monthly Archives: May 2009

Vulnerability in Eggdrop / Windrop 1.6.19

A vulnerability in the Eggdrop and Windrop bot has been found which prompts a new release.

The vulnerabilitiy is present in both latest versions of the bot software 1.6.19 which has been released back in April 2008.

A posting on the Full Disclosure mailinglist goes into more detail, describing how one can at least crash vulnerable bots:

One possible exploit anyone can send to the IRC server to crash eggdrop:

PRIVMSG eggdrop :\1\1

The only resolution at this time is upgrading old bots with the provided fix.

IRCServices 5.1.16 released

Andrew Church releases version 5.1.16 of the IRCServices services package.

Changes in this release have been made to the SUSPEND command to honor the NSSecureAdmins option and the option NoAdminPasswordCheck has been added to disable password strength checks when Services administrators use SET PASSWORD or ChanServ REGISTER.

The downloads are available from

http://www.ircservices.za.net/download/ (Japan)
ftp://ftp.esper.net/ircservices/ (Western USA)

a20be096e427d9c904b99890a14f8349  ircservices-5.1.16.tar.gz
1f087d6d9efaf00eae12842d64f9609b  ircservices-5.1.16.diff.gz
8d0202e2d8fd7d7c7825775de98f52e1  ircservices-5.1.16-1.i386.rpm
f5d98bf470546936d19a91f41af7e3e6  ircservices_5.1.16-1_i386.deb

phpDenora version 1.4.0 is out

The Denora project releases 1.4.0 of phpDenora which is according to Hal9000 mainly a bugfix release “with some changes to the core like utf-8 support”.

Now if you are wondering why there is nothing really new to see in this release, the explanation simply is that phpDenora2 is on the way and it would be a waste of time to dedicate any energy in making substantial changes to phpDenora 1.x. And fear not, an alpha preview release will be available sometime next month.

The changes that have been introduced “require Denora 1.4 and PHP 5.2.” and Hal9000 urges to “read the new System Requirements and the upgrade instructions carefully on the download page.”

Also the Denorastats.org website has been revamped and is worth a look :)