Slashdot Mirror

← Back to Stories (view on slashdot.org)

BitchX 1.0c19 IRC Client Backdoored

Posted by michael on from the what-me-worry dept.

JRAC writes "A recent Bugtraq submission has indicated that the popular IRC client, BitchX, contains a backdoor. So far, only certain 1.0c19 files, downloaded from ftp.bitchx.com are reported to contain the malicious code. The BitchX developers have been notified, so hopefully a fix will be issued soon. Looks like irssi wasn't the only one ;)"

10 of 305 comments (clear)

  1. haha by Anonymous Coward · · Score: -1, Offtopic

    Thats a bitch

  2. XSS in Slashcode by dave-fu · · Score: -1, Offtopic
    There is a nasty Cross Site Scripting(XSS) vuln in
    Slashcode. This was used a day or so go on
    slashdot.org and resulted in most of the site being
    taken down for an hour or so. The maintainers of
    slashcode have patched the problem in CVS but have not
    even mentioned it anywhere that I can find. This
    leaves all sites using slash vulnerable to this
    exploit.

    An example exploit (incomplete) is as follows:



    I am dissapointed that the slachcode maintainers have
    silently fixed this on slashdot.org yet made no
    mention of the problem elsewhere so that other sites
    can patch themselves. No wonder there are so many
    "trolls" on slashdot.org...ah well.

    If you run a site using slashcode, get the latest CVS.

    That is all. Move along.

    --
    Easy does it!
    This comment has been submitted already, 276865 hours , 59 minutes ago. No need to try again.
    1. Re:XSS in Slashcode by You'reAFuckingMoron · · Score: -1, Offtopic

      This post is quite inaccurate and we will be responding, also on bugtraq, momentarily.

      It's been several hours, and we're still waiting for "momentarily" to happen.

      Could you post a story on SlashDot, too?

      --
      What a fabulous troll your post was.... or how fabulously stupid you are. It's impossible to tell.
  3. Does anyone still use Pirch ? by cOdEgUru · · Score: 1, Offtopic

    When I first started using irc clients, mirc and Pirch were my first two clients. I understand mirc is one of the most widely used clients, but what about Pirch ? Does anyone stil use it.

    --
    Rapid Nirvana
  4. Any text client do dccserver? by Anonymous Coward · · Score: -1, Offtopic

    I hate MIRC but want to use fservers behind firewalls. Anyone haeva client with the /dccserver command supported?

  5. Not as bad as the massive backdoor in Windows by toupsie · · Score: 1, Offtopic

    As reported in The Register. Why worry about IRC when Microsoft 0w3n$ j00!...legally...24/7.

    --
    Strange women lying in ponds distributing swords is no basis for a system of government.
  6. ++ATH0 by Anonymous Coward · · Score: -1, Offtopic

    I sneak past to bun!!! Were for to klik to quake?!?!

  7. Re:It's Odd by Anonymous Coward · · Score: -1, Offtopic

    hehehehehe. thats a good one, i'll have to remember that for when I don't check "Post Anonymously" :)

  8. Re:Who's this? by Anonymous Coward · · Score: -1, Offtopic

    Slashdot em! Quick!

  9. Could you tow the party line any further? by Anonymous Coward · · Score: -1, Offtopic

    Geez, sheep boy.