Описание
UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands.
Комментарий
Per: http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt
'Official precompiled Windows binaries (SSL and non-ssl) are NOT affected.
CVS is also not affected.
3.2.8 and any earlier versions are not affected.
Any Unreal3.2.8.1.tar.gz downloaded BEFORE November 10 2009 should be safe, but you should really double-check, see next.'
Ссылки
- Vendor Advisory
- Exploit
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Exploit
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
EPSS
7.5 High
CVSS2
Дефекты
Связанные уязвимости
UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from Novemb ...
UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands.
EPSS
7.5 High
CVSS2