Unrealircd Backdoored

[swa]

http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt

Looks like the port downloads from the unrealircd mirrors.
Installed from ports and checked in Unreal3.2/include dir to see if I am vulnerable with

grep DEBUG3_DOLOG_SYSTEM struct.h

Outputs nothing so luckily mine is not affected, but maybe others could be affected ?
Not sure where to put this information, who to contact, or if the word should be spread or not.

 

[SirDice]

You're about a week late :e

http://forums.freebsd.org/showthread.php?t=15050

 

[swa]

Good to see it's allready been mentioned
Somehow I was dreaming or some and didn't see it earlier.

 

[SirDice]

The port seems to download the correct (non-backdoored) version. From the advisory:

One is to check if the Unreal3.2.8.1.tar.gz you have is good or bad by running 'md5sum Unreal3.2.8.1.tar.gz' on it.
Backdoored version (BAD) is: 752e46f2d873c1679fa99de3f52a274d
Official version (GOOD) is: 7b741e94e867c0a7370553fd01506c66

The port's distfile:

MD5 (Unreal3.2.8.1.tar.gz) = 7b741e94e867c0a7370553fd01506c66
SHA256 (Unreal3.2.8.1.tar.gz) = 009add8da68b6fb66608d06302e59fa9fb994f901cbd92e6f4f10963f2077741
SIZE (Unreal3.2.8.1.tar.gz) = 2866456

The MD5 matches the "safe" version.

 

[eyebone]

The MD5 matches the "safe" version.

:e:e what do u know we dont