VULHUB ™

Certain versions of WircSrv, a personal IRC server for Windows NT or Windows, have a vulnerability which allows certain users to read files to which they possibly should not have access to. This vulnerability is via a command within the server which is accessible only to pre-authorized IRCop's (moderators for the IRC server). This command is supposed to allow the user to access an MOTD (Message Of The Day) for display inside of the IRC session (displayed to users upon login). However, instead of simply allowiong access to a prearranged file it allows access to any file within the permission range of the user running the server.

Certain versions of WircSrv, a personal IRC server for Windows NT or Windows, have a vulnerability which allows certain users to read files to which they possibly should not have access to. This vulnerability is via a command within the server which is accessible only to pre-authorized IRCop's (moderators for the IRC server). This command is supposed to allow the user to access an MOTD (Message Of The Day) for display inside of the IRC session (displayed to users upon login). However, instead of simply allowiong access to a prearranged file it allows access to any file within the permission range of the user running the server.