Slashdot Mirror


BitchX 1.0c19 IRC Client Backdoored

JRAC writes "A recent Bugtraq submission has indicated that the popular IRC client, BitchX, contains a backdoor. So far, only certain 1.0c19 files, downloaded from ftp.bitchx.com are reported to contain the malicious code. The BitchX developers have been notified, so hopefully a fix will be issued soon. Looks like irssi wasn't the only one ;)"

11 of 305 comments (clear)

  1. appropriate title by neal+n+bob · · Score: -1, Troll

    what site has more people who know about backdooring than slashbot?

  2. Fist "Bitch takes it up the back door" Post by Anonymous Coward · · Score: -1, Troll

    Well it had

    to

    be done...

    ...

  3. Re:FP! by sinserve · · Score: -1, Troll

    That is the chick who used to fuck John Lenon, the first beatle to bite the dust.

  4. That can't be! by Anonymous Coward · · Score: -1, Troll

    Tell me it aint so. Something insecure in a Linux/Unix app?

    My Redhat for dummies says this thing is secure!

  5. Re:Who's this? by Basje · · Score: 0, Troll

    However, the owners of the box are still responsible for the lack of security that allowed their box to be compromised.

    I disagree. That would be equivalent to saying you are responsible for your house being burglared. Not having (adequate) security makes one a likely target. It does not, however, make you responsible.

    They are, of course, responsible for anything they do. Giving out backdoored software might get them in trouble, if they actively sent the software it to people. If people downloaded it, they may be liable. However, not many countries have as "modern" laws as the USofA, I do not think that is a problem in Poland.

    --
    the pun is mightier than the sword
  6. Lack of pr0n? by Dead+Fart+Warrior · · Score: -1, Troll

    For troll tuesday, I am disturbed by the lack of quality pr0n in the -1 ranks.

    Shame on you all!

    --
    Quality straight pr0n goes here
  7. Re:In other news ... by Anonymous Coward · · Score: -1, Troll

    BitchX - "We have a larger backdoor than goatse"

  8. Re:XSS in Slashcode by Anonymous Coward · · Score: -1, Troll

    What are the misconceptions? The fact that there was a bug or the fact that slash-choad sucks?

  9. Re:XSS in Slashcode by Pave+Low · · Score: -1, Troll
    Jamie, for a slashdot editor to complain about inaccuracies, of all things, is quite laughable. Ever read your own site lately?

    Anyways, if you don't want people spreading inaccurate information, how about putting the word out first? Jesus, it's been over a day now. Does someone have a light a fire under your ass to get moving? You've railed on Microsoft for far lesser things.

    And you can't be expect people to notify you guys for everything. You guys go apeshit when MS complains things aren't notified to them first.

    --
    SIG:Slashdot: indymedia for nerds.
  10. Re:Who's this? by pacman+on+prozac · · Score: 1, Troll

    "However, the owners of the box are still responsible for the lack of security that allowed their box to be compromised."

    I've now heard this too many times. It's simply wrong. Whatever their reasons for putting a system online that is not totally secure are irrelevant. Blame the person who broke in, not the person who owns/runs the computer.

    As an example how many servers were (and still are) running vulnerable versions of apache? Should all those admins be held responsible if someone broke in to their system and abused it? How about if those same systems were broken into before that vulerability was disclosed. Where do you draw the line? I suggest drawing it by putting the responsibility firmly on the shoulders of the perpetrator of the crime rather than the victims.

  11. Re:FP! by Anonymous Coward · · Score: -1, Troll

    Yo! You're missing out on a golden opportunity for some first quality trolling here: here.