CVE-2010-2075

EPSS 83.5%

UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands.

Affected products

n/a · n/a

public PoCs found — 10

githubgithub.com/MFernstrom/OffensivePascal-CVE-2010-2075★ 2 githubgithub.com/FredBrave/CVE-2010-2075-UnrealIRCd-3.2.8.1★ 1 githubgithub.com/Tc-XoNoR/CVE-2010-2075★ 1 githubgithub.com/mishaqdev/cve-2010-2075-analysis★ 0 githubgithub.com/JoseLRC97/UnrealIRCd-3.2.8.1-Backdoor-Command-Execution★ 0 githubgithub.com/earthbendergara/unrealircd3.2.8.1-local-exploit★ 0 githubgithub.com/chancej715/UnrealIRCd-3.2.8.1-Backdoor-Command-Execution★ 0 exploitdbwww.exploit-db.com/exploits/13853unverified exploitdbwww.exploit-db.com/exploits/16922unverified cve_referencewww.exploit-db.com/exploits/13853unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://osvdb.org/65445 http://seclists.org/fulldisclosure/2010/Jun/277 http://seclists.org/fulldisclosure/2010/Jun/284 http://secunia.com/advisories/40169 http://security.gentoo.org/glsa/glsa-201006-21.xml http://www.exploit-db.com/exploits/13853 http://www.openwall.com/lists/oss-security/2010/06/14/11 http://www.securityfocus.com/bid/40820 http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt http://www.vupen.com/english/advisories/2010/1437