Surv1v4l1st (talk | contribs) m →Security: Formatting update. |
to be deleted |
||
Line 1: | Line 1: | ||
<!-- Please do not remove or change this AfD message until the issue is settled --> |
|||
{{AfDM|page=BitchX|logdate=2009 September 29|substed=yes}} |
|||
<!-- For administrator use only: {{oldafdfull|page=BitchX|date=29 September 2009|result='''keep'''}} --> |
|||
<!-- End of AfD message, feel free to edit beyond this point --> |
|||
{{Infobox_Software |
{{Infobox_Software |
||
| name = BitchX |
| name = BitchX |
Revision as of 06:31, 29 September 2009
Developer(s) | Colten Edwards (panasync) |
---|---|
Stable release | 1.2.1 (November 14, 2014 | )
Preview release | BitchX-1.3 (January 1, 2013 | )
Repository | |
Written in | C |
Type | IRC client |
License | Revised BSD license |
Website | http://www.bitchx.org |
BitchX is a free IRC client. The initial implementation, written by "Trench" and "HappyCrappy", was a script for the IrcII chat client. It was converted to a program on its own right by panasync (Colten Edwards). BitchX 1.1 final was released in 2004. It is written in C, and is a console application. A graphical interface is also available, which uses the GTK+ toolkit. It works on most Unix-like operating systems, and is distributed under a BSD license. It is originally based on ircII-EPIC and eventually it was merged into the EPIC IRC client. It supports IPv6[1], multiple servers and SSL, but not UTF-8. BitchX (often called just "BX" by fans) is well known for its unique default of sending random messages on a /quit.
BitchX 2 is the current project. While there is no current release to the public on the new code base, the project is leaning towards merging back to the current base version of Epic.
Security
It was known that early versions of BitchX were vulnerable to a denial of service attack in that they could be caused to crash by passing specially-crafted strings as arguments to certain IRC commands. This was before format string attacks became a well-known class of vulnerability.[2]
The current version of BitchX, released in 2004, has security problems allowing remote IRC servers to execute arbitrary code on the client's machine (CVE-2007-336, CVE-2007-4584).
On April 26th, Slackware removed BitchX from its distribution, citing the numerous unresolved security issues. [3]
See also
External links
References
- ^ Peter Loshin (2004). IPv6: Theory, Protocol, and Practice. Morgan Kaufmann. p. 316.
- ^ Ryan Russell (2002). Hack Proofing Your Network. Syngress. p. 329.
- ^ http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.285737