I. BACKGROUND

mIRC is "a friendly IRC client that is well equipped with options and
tools".

More information about the application is available at
http://www.mirc.com

II. DESCRIPTION

The DCC server built into mIRC listens on port 59 if enabled,
and is insecure by design.

III. ANALYSIS

Connecting to the target on port 59 (for example with netcat) and typing
"100 nick-to-spoof" will show a DCC chat request in the target's client,
appearing to originate from nick-to-spoof.
This can be dangerous if trust relationships are observed between
a vulnerable user and a user on a multi-user system, be it a
shell provider, vhost supplier or the like.
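
Added example, not part of the original advisory: a triage helper that flags
"100 <nick>" chat requests arriving on port 59 and shows why the displayed nick
is only a claim made by the connecting peer. The record format, the
shared_hosts list and the sample data are assumptions made for illustration.

```python
import re
from collections import defaultdict

DCC_SERVER_PORT = 59  # port named in the advisory
# First line of a chat request as described above: "100 <nick>"
CHAT_REQUEST = re.compile(r"^100 (\S+)\s*$")


def triage(records, shared_hosts=frozenset()):
    """Flag DCC-server chat requests whose nick cannot be trusted.

    records: (src_ip, dst_port, first_line) tuples, e.g. exported from a
    packet capture (this layout is an assumption of the example).
    shared_hosts: IPs of multi-user systems such as shell providers.
    """
    findings, sources = [], defaultdict(set)
    for src_ip, dst_port, first_line in records:
        if dst_port != DCC_SERVER_PORT:
            continue
        m = CHAT_REQUEST.match(first_line)
        if not m:
            continue
        nick = m.group(1)
        # Simple case fold; IRC's own nick casemapping is not modelled here.
        sources[nick.lower()].add(src_ip)
        findings.append({
            "src_ip": src_ip,
            "claimed_nick": nick,
            # Any local user of a shared host connects from this same IP,
            # so the source address does not identify the real sender.
            "shared_host": src_ip in shared_hosts,
        })
    for f in findings:
        # The same nick claimed from several addresses is worth a closer look.
        f["multiple_sources"] = len(sources[f["claimed_nick"].lower()]) > 1
    return findings


# Constructed sample records (documentation-range addresses).
SAMPLE = [
    ("192.0.2.10", 59, "100 alice\r\n"),
    ("198.51.100.7", 59, "100 Alice\n"),
    ("192.0.2.10", 59, "100 bob\r\n"),
    ("192.0.2.10", 6667, "NICK alice\r\n"),
    ("203.0.113.5", 59, "hello"),
]

if __name__ == "__main__":
    for finding in triage(SAMPLE, shared_hosts={"192.0.2.10"}):
        print(finding)
```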

IV. DETECTION

mIRC 6.03 and below (those versions that incorporate the DCC server) are
found to be vulnerable.

V. WORKAROUND

unknown

VI. VENDOR FIX

unknown

VII. CVE INFORMATION

unknown

VIII. DISCLOSURE TIMELINE

unknown

IX. CREDIT
Knud Erik Højgaard/kokaninATdtors.net