CVE-2010-2075

2010-06-15T14:04:00
ID CVE-2010-2075
Type cve
Reporter cve@mitre.org
Modified 2010-06-18T05:36:00

Description

UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands. Per: http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt

'Official precompiled Windows binaries (SSL and non-ssl) are NOT affected.

CVS is also not affected.

3.2.8 and any earlier versions are not affected.

Any Unreal3.2.8.1.tar.gz downloaded BEFORE November 10 2009 should be safe, but you should really double-check, see next.'