We've had a few account violations at a site I administer, and I believe that the problem has been pinpointed as being IRC. One user pointed this out as the access point into his own account, and this seems to be confirmed by a co-worker who also had his account broken, in apparently the same meathod. So, the question is -- Have there been any new holes in IRC (the newest non- beta version... IRCII 2.2.9, I think) discovered recently? I'm aware of the "ON EXEC" problems, and the like, but the co-worker who's account was broken ran no scripts, nor executed any command to disable EXEC_PROTECTION or anything simular (he's a very lightweight IRC user). I'd -really- like to find the specific meathod of entry here -- Disabling IRC is really not an option. Anyone have ideas? -WW