IRC server had backdoor in source code for months - Update

    Date14 Jun 2010
    Posted ByAnthony Pell
    The developers of the open source IRC server UnrealIRCd have had to report that the file servers of the project were compromised several months ago and the IRC servers code, Unreal3.2.8.1.tar.gz was replaced by a version with a backdoor. The backdoor allows anyone to execute commands on the server running UnrealIRCd, with the privileges of the user running the IRC daemon, .. even if the IRC server is a hub or requires passwords to access it normally. According to the report, the version with the backdoor was apparently placed on file servers in November 2009, but remained unnoticed until now.

    To ensure that there isn't a repeat of the incident, the developers say they plan to re-implement the PGP/GPG signing of releases; a later posting in the forums says this has now been implemented. The developers do note that only the one file, Unreal3.2.8.1.tar.gz was affected; the Windows versions, earlier releases and the code in the CVS source code control system are unaffected. The advisory also contains details on how to check installations for the backdoor, with MD5 checksums for the "bad" and "good" versions of the archive or, if the archive is not available, a simple way to check the source code using grep.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.