[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request: UnrealIRCd 3.2.8.1 source code contained
From:       Eugene Teo <eugeneteo () kernel ! sg>
Date:       2010-06-15 0:07:31
Message-ID: 4C16C443.1030002 () kernel ! sg
[Download RAW message or body]

On 06/13/2010 01:10 AM, Alex Legler wrote:
> Hi.
>
> Quoting http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt:
>
> "We found out that the Unreal3.2.8.1.tar.gz file on our mirrors has been
> replaced quite a while ago with a version with a backdoor (trojan) in
> it. This backdoor allows a person to execute ANY command with the
> privileges of the user running the ircd. The backdoor can be executed
> regardless of any user restrictions (so even if you have passworded
> server or hub that doesn't allow any users in)."
>
> Basically, a system() call was injected into the source code, disguised
> as a debug/log macro.

Also see, http://seclists.org/dailydave/2010/q2/56

Eugene
-- 
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }
[prev in list] [next in list] [prev in thread] [next in thread]