Some versions of Unreal3.2.8.1.tar.gz contain a backdoor

Postby Syzop on Sat Jun 12, 2010 9:17 am

Hi all,

This is very embarrassing…

We found out that the Unreal3.2.8.1.tar.gz file on our mirrors has been
replaced quite a while ago with a version with a backdoor (trojan) in
it. This backdoor allows a person to execute ANY command with the
privileges of the user running the ircd. The backdoor can be executed
regardless of any user restrictions (so even if you have passworded
server or hub that doesn’t allow any users in).

http://forums.unrealircd.com/viewtopic.php?t=6562


Cheers Malcolm °¿° (Linux Counter #276890)
SUSE Linux Enterprise Desktop 11 (x86_64) Kernel 2.6.32.12-0.7-default
up 12:48, 2 users, load average: 0.00, 0.02, 0.00
GPU GeForce 8600 GTS Silent - Driver Version: 195.36.31

malcolmlewis wrote:
> This backdoor allows a person to execute ANY command with the
> privileges of the user running the ircd.

i expect we will see more and more of these propagated as the ‘script
kiddies’ and other crackers tire of blocks placed by Redmond and the
great influx of dissatisfied M$ users (and other run-as-rooters) flock
to Ubuntu/etc gives them more fertile Linux ground in which to plant
their evil…

ymmv


DenverD (Linux Counter 282315)
CAVEAT: http://is.gd/bpoMD
posted via NNTP w/TBird 2.0.0.23 | KDE 3.5.7 | openSUSE 10.3
2.6.22.19-0.4-default SMP i686
AMD Athlon 1 GB RAM | GeForce FX 5500 | ASRock K8Upgrade-760GX |
CMedia 9761 AC’97 Audio