Test ID:	1.3.6.1.4.1.25623.1.0.80111
Category:	Gain a shell remotely
Title:	Check for Backdoor in unrealircd
Summary:	Check for unrealircd backdoor
Description:	Detected backdoor in unrealircd. The remote unrealircd contains a backdoor (trojan) in it. Remote attackers can exploit this issue to execute arbitrary system commands within the context of the affected application. The issue affects Unreal 3.2.8.1 for Linux. Reportedly package Unreal3.2.8.1.tar.gz downloaded in November 2009 and later is affected. The MD5 sum of the affected file is 752e46f2d873c1679fa99de3f52a274d. Files with MD5 sum of 7b741e94e867c0a7370553fd01506c66 are not affected. References: http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt http://seclists.org/fulldisclosure/2010/Jun/277 http://www.securityfocus.com/bid/40820 Solution: Install latest version of unrealircd and check signatures of software you're installing.
Cross-Ref:	BugTraq ID: 40820 Common Vulnerability Exposure (CVE) ID: CVE-2010-2075 http://www.exploit-db.com/exploits/13853 http://seclists.org/fulldisclosure/2010/Jun/277 http://seclists.org/fulldisclosure/2010/Jun/284 http://www.openwall.com/lists/oss-security/2010/06/14/11 http://security.gentoo.org/glsa/glsa-201006-21.xml http://www.securityfocus.com/bid/40820 http://osvdb.org/65445 http://secunia.com/advisories/40169 http://www.vupen.com/english/advisories/2010/1437
Copyright	This script is Copyright (C) 2010 Vlatko Kosturjak

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: