Check For Backdoor In Unrealircd Network Vulnerability

Summary

Detection of backdoor in unrealircd.

Solution

Install latest version of unrealircd and check signatures of software you're installing.

Insight

Remote attackers can exploit this issue to execute arbitrary system commands within the context of the affected application. The issue affects Unreal 3.2.8.1 for Linux. Reportedly package Unreal3.2.8.1.tar.gz downloaded in November 2009 and later is affected. The MD5 sum of the affected file is 752e46f2d873c1679fa99de3f52a274d. Files with MD5 sum of 7b741e94e867c0a7370553fd01506c66 are not affected.

References

http://seclists.org/fulldisclosure/2010/Jun/277
http://www.securityfocus.com/bid/40820
http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2075

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Quicktime/Darwin Remote Admin Exploit
TFTPD overflow
cfengine CFServD transaction packet buffer overrun vulnerability
snmpXdmid overflow
Open WebMail userstat.pl Arbitrary Command Execution

Check for Backdoor in unrealircd

Take action and discover your vulnerabilities