COMMAND

    mIRC

SYSTEMS AFFECTED

    All hybrid and other EFnet IRCD versions.  Probably others.

PROBLEM

    syg FPSC  found following.   According to  the date  of this file,
    there is a  few bugs in  hybrid IRCD and  maybe others.   DALnet's
    source was being checked and it seems their code is fixed and  not
    affected.  The bug is in match.c of the source code and starts  on
    line 204  at 'tolowertab[]'.   Note the line that consists of  the
    following:

        "'t', 'u', 'v', 'w', 'x', 'y', 'z', '{', '|', '}', '~',"

    Then go to line 238 in  match.c to 'touppertab[]'.  Note the  line
    that reads:

        "'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '[', '\\', ']', '^',"

    and look at the two lines.   If you notice, it takes the '{'  char
    and defines its uppercase char  as '[' as along with  defining '|'
    to '\', '}' to ']', and '~'  to '^'. What this means is thier  the
    same characters in channel names and nicknames.  Now what can  you
    do with this in such a way it would be a problem?   You can spy on
    channels that consist of any one of those 8 characters below:

        1) {     --Defined as LowerCase [
        2) [     --Defined as UpperCase {
        3) }     --Defined as LowerCase ]
        4) ]     --Defined as UpperCase }
        5) |     --Defined as LowerCase \
        6) \     --Defined as UpperCase |
        7) ~     --Defined as LowerCase ^
        8) ^     --Defined as UpperCase ~

    This problem and  mIRC make a  dangerous combination.   Lets say a
    bunch of your friends hang in #mIRC] and you run BitchX.  All  you
    have to do is join #mIRC} and thier mIRC clients wont see you join
    the  channel  which  means  you  are  a  ghost  and  therefore are
    invisible.  Another example would be...  two people are in #Love^2
    and you ran BitchX.  All you would have to do is join #Love~2  and
    they  wont  see  you  join,   therefore  you  can  spy  on   thier
    conversation  all  night  long.   Now  if  one  of the mIRC people
    happened to  type "/names  #mIRC]" or  "/names #Love^2"  you would
    magically pop up in the nick list  of the  channel.  That is  also
    the same if someone joins  the channel after you have  joined, you
    will show  up in  thier names  list therefore  it will  put you in
    thier nick list in the channel window.  Be creative and have  fun.
    In RFC1459 chapter 2.2 says:

        Because of IRC's scandanavian  origin, the characters {}|  are
        considered to be the lower case equivalents of the  characters
        []\, respectively.

    So, what  we have  here is  75% a  mIRC bug,  not an IRCD bug (75%
    because  the  RFC  doesn't  mention  '~'  and  '^', which probably
    shouldn't be considered equivalent by the server).

SOLUTION

    The fix would be to  simply edit /src/match.c of the  source code.
    DALnet seems to  have a nice  match.c at ftp.dal.net  in df467.tgz
    if  you  EFnet  staff  need  any  ideas.   We all hope to see this
    fixed in your next release of hybrid.