COMMAND

mIRC DCC filename spoofing

SYSTEMS AFFECTED

mIRC 6.03 and below has been found vulnerable

PROBLEM

Knud Erik Højgaard [kain(at)ircop(dot)dk] found the following about mIRC, "a friendly IRC client that is well equipped with options and tools":

The DCC GET dialog has a limited area visible for the filename. By DCC sending a file with a specially crafted filename it's possible to 'spoof' a legitimate file. Sending a file whose name consists of, for example, 'me.mpg' + 'about 180 "alt-0160(fakespace)"' + '.exe' leads the receiving user into believing that the file is merely a harmless mpeg file, while it is in fact an executable.

mIRC has a handy 'open' button upon completion of the DCC, so unless the user actually opens the download folder and verifies the extension of the file, a compromise is possible.

If the remote user has DCC ignore enabled this will of course not work.

SOLUTION

Think twice before opening any kind of file from an untrusted source.
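
Added example (not part of the original advisory and not mIRC code): a receiving-side check, in Python, that flags a filename padded the way the PROBLEM section describes and builds a display name that puts the true extension first, so a narrow field cannot hide it. The threshold, field width, extension list and function names are assumptions made for illustration; alt-0160 is taken to be U+00A0 (no-break space).

```python
import os
import unicodedata

# Assumed values for illustration; tune for the client in use.
RISKY_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd"}
MAX_PAD_RUN = 3      # longer runs of blank characters are treated as padding
DISPLAY_WIDTH = 40   # assumed width of the dialog's filename field, in characters
# Constructed sample following the advisory's description.
SPOOFED = "me.mpg" + "\u00a0" * 180 + ".exe"


def is_blank(ch):
    """True for characters that render as empty space (spaces, U+00A0, format chars)."""
    return ch.isspace() or unicodedata.category(ch) in ("Zs", "Cf")


def longest_blank_run(name):
    best = run = 0
    for ch in name:
        run = run + 1 if is_blank(ch) else 0
        best = max(best, run)
    return best


def collapse_blanks(name):
    """Replace every run of blank characters with one ordinary space."""
    out = []
    for ch in name:
        if not is_blank(ch):
            out.append(ch)
        elif not out or out[-1] != " ":
            out.append(" ")
    return "".join(out).strip()


def inspect_offer(filename):
    """Return (safe_display_name, findings) for a filename offered over DCC."""
    name = os.path.basename(filename.replace("\\", "/"))
    stem, ext = os.path.splitext(name)   # ext is the real, final extension
    shown = collapse_blanks(stem)
    findings = []
    if longest_blank_run(name) > MAX_PAD_RUN:
        findings.append("blank-padding")
    if os.path.splitext(shown)[1]:       # decoy extension in front of the real one
        findings.append("double-extension")
    if ext.lower() in RISKY_EXTS:
        findings.append("executable")
    if len(name) > DISPLAY_WIDTH:
        findings.append("extension-outside-visible-area")
    return "[%s] %s" % (ext.lower() or "no extension", shown), findings
```

A client or download wrapper could refuse to offer an 'open' action, or require confirmation, whenever findings is non-empty.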