It has been brought to my attention that the issues reported in 
http://exploitlabs.com/files/advisories/EXPL-A-2003-002-ircxpro.txt
have been fixed as of the latest release, and all notices should be updated reflecting this resolve.

------------------------------
From: IRCXpro Support
To: Donnie Werner

New version of IRCXpro is here with the issued raised fixed.
------------------------------

I would like to thank IRCXpro for the response, and to congratulate them on a fine product.

Donnie Werner
http://exploitlabs.com
 

original report follows:

------------------------------------------------------------------
          - EXPL-A-2003-002 exploitlabs.com Advisory 002
------------------------------------------------------------------
                    -=- IRCXpro 1.0 -=-


Vunerability(s):
----------------
1.local clear passwords
2.remote default admin enabled


Product:
--------
IRCXpro Server 1.0
http://www.ircxpro.com


Reviews:
--------
http://www.serverwatch.com/sreviews/article.php/1501261
http://reviews.zdnet.co.uk/review/41/2/3418.html


Description of product:
-----------------------
"IRCXpro is a feature rich Internet Relay-Chat (IRC/IRCX) Server
that can provide the basis for an interactive online community.
 Guests will be able to take part in conversation using either
an Internet Browser chat client or 3rd party chat software."


VUNERABILITY / EXPLOIT
======================


Local:
------
All passwords and user names are inside settings.ini ... in the clear


Remote:
-------
Default Settings... Remote admin.


Serv.LogonSettings "LocalHost", 7100, "admin", "password"


Vendor Fix:
-----------
No fix on 0day

Vendor Contact:
---------------
sales@ircxpro.com
support@ircxpro.com

Concurrent with this advisory

Credits:
--------

Donnie Werner
http://exploitlabs.com "where finding your holes is job one, and plugging them twice the phun"
morning_wood@exploitlabs.com
Corporate Security Needs at http://frame4.com Security Systems