A remotely exploitable buffer overrun has been reported in Epic.
This issue may reportedly be exploited by a malicious server that
supplies an overly long nickname in a CTCP messages, potentially
allowing for execution of arbitrary code in the context of the
client user.
It may be also be possible for a malicious client to send such a
message, but it is likely that the server will limit the length.
ok brad@
dd765693ea