A security issue and a vulnerability have been reported in UnrealIRCd, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
1) The security issue is caused due to certain files being distributed via e.g. the project's mirrors containing a backdoor. This can be exploited to e.g. execute arbitrary shell commands by sending specially crafted packets to the service.
Note: The backdoor is reported in the source code file of version 184.108.40.206 (e.g. "Unreal220.127.116.11.tar.gz") with an MD5 checksum of 752e46f2d873c1679fa99de3f52a274d. The MD5 checksum of legitimate copies is 7b741e94e867c0a7370553fd01506c66.
2) A boundary error in the user authentication can be exploited to cause a buffer overflow via an overly long username.
Successful exploitation of this vulnerability requires that "allow::options::noident" is used (not used by default).
Solution: Ensure that you've installed a legitimate copy of UnrealIRCd version 18.104.22.168. Please see the vendor's advisories for additional details.
Provided and/or discovered by: Reported by the vendor.
Original Advisory: http://www.unrealircd.com/txt/unrealsecadvisory.20090413.txt
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: UnrealIRCd Backdoor Security Issue and User Authentication Buffer Overflow
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.