Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Kvirc bug

From: stefanek () TIN IT (Szymon Stefanek)
Date: Tue, 28 Sep 1999 00:20:19 -0000

On Fri Sep 24 1999 Rodolfo García Peñas wrote:

//Hi,
//
//The irc client Kvirc has this bug:
//
//<kix> !foo ../../../../../../../etc/passwd
//[...]

Yes...it is a "real" bug of the 0.9.0 version of KVIrc.
Anyway, it is not so easy to download someone's /etc/passwd.
First he must have the "Listen to !nick <soundname>
requests" option enabled (it is disabled by default).
Second , the "offending" user must know where is located
the kvirc "local directory" on the victim's machine to be
able to place the right path to /etc/passwd.
Only version 0.9.0 of KVIrc is vulnerable to this attack.
It will be removed from the KVIrc ftp archive as soon as
possible.

If you are still using KVIrc 0.9.0 you have the following
solutions:

1. Disable the "Listen to !nick <soundname> requests."
option in the "Sound" tab of the Misc options dialog.
(Or better , do not enable it)

2. Get the latest KVIrc sources from http://www.kvirc.org
(The latest public release is beta2) or from the anonymous
cvs (see http://www.kvirc.org/cvs.html).

Szymon Stefanek
Author of KVIrc
Previous By Date Next
Previous By Thread Next

Current thread: