English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 73247 CVE descriptions
and 39212 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.80111
Category:Gain a shell remotely
Title:Check for Backdoor in unrealircd
Summary:Check for unrealircd backdoor
Description:
Detected backdoor in unrealircd.

The remote unrealircd contains a backdoor (trojan) in it.

Remote attackers can exploit this issue to execute arbitrary system
commands within the context of the affected application.

The issue affects Unreal 3.2.8.1 for Linux. Reportedly package
Unreal3.2.8.1.tar.gz downloaded in November 2009 and later is
affected. The MD5 sum of the affected file is
752e46f2d873c1679fa99de3f52a274d. Files with MD5 sum of
7b741e94e867c0a7370553fd01506c66 are not affected.

References:
http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt
http://seclists.org/fulldisclosure/2010/Jun/277
http://www.securityfocus.com/bid/40820

Solution:
Install latest version of unrealircd and check signatures of software
you're installing.
Cross-Ref: BugTraq ID: 40820
Common Vulnerability Exposure (CVE) ID: CVE-2010-2075
http://www.exploit-db.com/exploits/13853
http://seclists.org/fulldisclosure/2010/Jun/277
http://seclists.org/fulldisclosure/2010/Jun/284
http://www.openwall.com/lists/oss-security/2010/06/14/11
http://security.gentoo.org/glsa/glsa-201006-21.xml
http://www.securityfocus.com/bid/40820
http://osvdb.org/65445
http://secunia.com/advisories/40169
http://www.vupen.com/english/advisories/2010/1437
CopyrightThis script is Copyright (C) 2010 Vlatko Kosturjak

This is only one of 39212 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.