![]() ![]() Is no reason that they couldn't have been. The official Windows binaries were not affected by the backdoor, but there ![]() As the advisory points out, even servers thatĪre set up to require passwords from users, or even not allow any users atĪll, are still vulnerable because they still take input. Not a particularly sophisticated backdoor, but anĮffective one nevertheless. To the server that start with "AB" will be handed off directly to While DEBUGMODE3_INFO is just the string "AB". If (!memcmp(readbuf, DEBUGMODE3_INFO, 2))ĭEBUG3_LOG eventually resolves to a call to system(), Was disguised to look like a debug statement in the code: It took until June 12 for this swap to be noticed, soĪnyone who picked up a copy of the code in that seven month period may be That command would, obviously, run with the privileges of the user thatĮxecuted the server. That backdoor could be used by anĪttacker to run any command on a system running the compromised server. Source distribution of version 3.2.8.1 of UnrealIRCd were replaced with a Game as some reported, it is simply a server that can be run to host IRCįrom what the project can tell, around Novemthe mirrors of the It is not related to the Unreal first-person shooter It runs on most platforms, and has added a number of features that someįolks find useful in an IRC server. ![]() UnrealIRCd is, as its name implies, an Internet Relay Chat (IRC) server. Happen-has happened-to any software project. The problem is not Linux-specific, nor is it a problem withįree software development, it is, instead, something that could Than some other (proprietary) OS, as some pundits But it is hardly the "proof" that Linux is insecure, or Embarrassing for the project, and is certainly a real live security ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |