This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.
UnrealIRCd 22.214.171.124, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands.
'Official precompiled Windows binaries (SSL and non-ssl) are NOT affected.
CVS is also not affected.
3.2.8 and any earlier versions are not affected.
Any Unreal126.96.36.199.tar.gz downloaded BEFORE November 10 2009 should be safe, but you should really double-check, see next.'
CVSS v2.0 Severity and Metrics:
Access Vector (AV):
Access Complexity (AC):
Allows unauthorized disclosure of information
Allows unauthorized modification
Allows disruption of service