The current stable version, 1.1-final, released in 2004, suffers from critical security vunerabilities, which would allow the IRC server to execute arbitrary code on the user’s machine. (CVE-2007-3360, CVE-2007-4584). The stable version of BitchX should not be used until a new version is released.
A new version is in the works as of 2012, but has not been officially released yet. The security vunerabilities are fixed in the SVN tree, so source builds based on latest SVN should be unaffected.
Once widely popular, BitchX incorporates many features traditionally found in script packages directly into an IRC client. BitchX has a reputation for being the kitchen sink of terminal-based IRC clients.
Because of the all-inclusive approach, and default settings which may not be suitable for all users, it’s essential to read the documentation carefully and adjust some settings (beyond the “I’m to lame to read BitchX.doc” message) before using BitchX, and particularly before using it while opped in a channel. The defaults for the channel protection features may be too agressive for your channel and lead to unwanted kicks and bans.
- Built-in detach/reattach similar to the “screen” utility.
- Built-in channel protection.
- eggdrop-like functionality built-in to the client.