Unreal IRCD contains a backdoor in versions of 3.2.8.1 containing the MD5 checksum of MD5 checksum of 752e46f2d873c1679fa99de3f52a274d that may allow an attacker to execute arbitrary shell commands.

Upgrade to version 3.2.8.1 (2010-06-12) or higher, as it has been reported to fix this vulnerability. Note that this flaw was fixed in the 2010-06-12 release without a change in version number. An upgrade is required as there are no known workarounds.

• Exploit Database: 13853
• CVE ID: 2010-2075 (see also: NVD)
• Secunia Advisory ID: 40147 40169
• Bugtraq ID: 40820
• Metasploit ID: 65445
• VUPEN Advisory: ADV-2010-1437
• Mail List Post: http://archives.neohapsis.com/archives/dailydave/2010-q2/0057.html
  http://seclists.org/fulldisclosure/2010/Jun/277
  http://seclists.org/fulldisclosure/2010/Jun/277
  http://seclists.org/fulldisclosure/2010/Jun/284
• Vendor Specific Solution URL: http://security.gentoo.org/glsa/glsa-201006-21.xml
• Generic Exploit URL: http://www.coresecurity.com/content/unrealircd-backdoor-unauthorized-access-exploit-10-5
• Vendor Specific Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-201006-21.xml
  http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt
• Generic Informational URL: http://www.h-online.com/security/news/item/IRC-server-had-backdoor-in-source-code-for-months-1020987.html
• Other Advisory URL: http://www.openwall.com/lists/oss-security/2010/06/14/11
• News Article: http://www.pcworld.com/businesscenter/article/198686/linux_trojan_raises_malware_concerns.html
• Vendor Specific News/Changelog Entry: http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt
  https://bugs.gentoo.org/show_bug.cgi?id=323691

• Not Available