UnrealIRCd Backdoor Detection

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.


Synopsis :

The remote IRC server contains a backdoor.

Description :

The remote IRC server is a version of UnrealIRCd with a backdoor
that allows an attacker to execute arbitrary code on the affected
host.

See also :

http://seclists.org/fulldisclosure/2010/Jun/277
http://seclists.org/fulldisclosure/2010/Jun/284
http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt

Solution :

Re-download the software, verify it using the published MD5 / SHA1
checksums, and re-install it.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Backdoors

Nessus Plugin ID: 46882 ()

Bugtraq ID: 40820

CVE ID: CVE-2010-2075