Securiteam reports that Lance Fitz-Herbert found another bug in Trillian.

This bug is in the IRC subsystem of Trillian. Some IRC-servers request that you identify yourself through a IDENT server. Trillian is able to run such server. This part, the IDENT server, is bugged.

If you are running a trillian IDENT server (which keeps on running after the logging-on proces) and someone connects to it (port 113) and sends 418 bytes to it (or more), Trillian crashes.

I checked my Trillian (.74) and found the IDENT-server disabled. I do not remember turning it off, so there's a good chance it's turned off by default (in which case you're safe). Could someone verify? You can look at your IDENT settings in the 'ident'-tab of the IRC connection manager, bottom-left corner.

Related links:
SecuriTeam's warning (including source code)
Security.nl article (in Dutch)