IRC: UnrealIRCd Backdoor
This signature detects attempts to access the Unrealrcd backdoor introduced into source code in 2009. A successful attack allows the attacker to execute arbitrary code.
Extended Description
UnrealIRCd is prone to an unauthorized-access vulnerability due to a backdoor in certain versions of the application. Successful exploits allow remote attackers to execute arbitrary system commands in the context of the affected application. The issue affects Unreal 3.2.8.1 for Linux. Reportedly, package Unreal3.2.8.1.tar.gz downloaded in November 2009 and later is affected. The MD5 sum of the affected file is 752e46f2d873c1679fa99de3f52a274d. Files with the MD5 sum of 7b741e94e867c0a7370553fd01506c66 are not affected.
Affected Products
Unreal unrealircd
References
BugTraq: 40820
CVE: CVE-2010-2075
URL: http://unrealircd.com/ http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt
Short Name
CHAT:IRC:UNREALRCD-BACKDOOR
Severity
Major
Recommended
False
Recommended Action
Drop
Category
CHAT
Keywords
Backdoor CVE-2010-2075 UnrealIRCd bid:40820
Release Date
06/17/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Unreal
Gentoo
CVSS Score
7.5