CVE-2010-2075 : UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally

UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands.

Published 2010-06-15 14:04:26

Updated 2010-06-18 05:36:22

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Input validation

Exploit prediction scoring system (EPSS) score for CVE-2010-2075

Probability of exploitation activity in the next 30 days: 64.95%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2010-2075

UnrealIRCD 3.2.8.1 Backdoor Command Execution

Disclosure Date: 2010-06-12

First seen: 2020-04-26

exploit/unix/irc/unreal_ircd_3281_backdoor

This module exploits a malicious backdoor that was added to the Unreal IRCD 3.2.8.1 download archive. This backdoor was present in the Unreal3.2.8.1.tar.gz archive between November 2009 and June 12th 2010. Authors: - hdm <x@hdm.io>

More information

CVSS scores for CVE-2010-2075

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2010-2075

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2010-2075

http://www.openwall.com/lists/oss-security/2010/06/14/11

oss-security - Re: CVE request: UnrealIRCd 3.2.8.1 source code contained a backdoor allowing for remote command execution
http://seclists.org/fulldisclosure/2010/Jun/284

Full Disclosure: Re: Fw: [irc-security] UnrealIRCd 3.2.8.1 backdoored on official ftp and site
http://www.securityfocus.com/bid/40820

UnrealIRCd Backdoor Unauthorized Access Vulnerability
Exploit
http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt

Vendor Advisory
http://www.vupen.com/english/advisories/2010/1437

Webmail | OVH- OVH
Vendor Advisory
http://www.exploit-db.com/exploits/13853

UnrealIRCd 3.2.8.1 - Remote Downloader/Execute - Linux remote Exploit
http://security.gentoo.org/glsa/glsa-201006-21.xml

UnrealIRCd: Multiple vulnerabilities (GLSA 201006-21) — Gentoo security

CVEs referencing this url
http://seclists.org/fulldisclosure/2010/Jun/277

Full Disclosure: Fw: [irc-security] UnrealIRCd 3.2.8.1 backdoored on official ftp and site

Products affected by CVE-2010-2075

Unrealircd » Unrealircd » Version: 3.2.8.1
cpe:2.3:a:unrealircd:unrealircd:3.2.8.1:*:*:*:*:*:*:*
Matching versions