Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Always practice safe software: a lesson from UnrealIRCd

From: Vlatko Kosturjak <kost () linux hr>
Date: Mon, 14 Jun 2010 08:48:17 +0200
On 06/14/2010 08:01 AM, Fyodor wrote:

On Sun, Jun 13, 2010 at 11:37:02PM -0500, Ron wrote:

On Sun, 13 Jun 2010 16:32:24 -0500 Ron <ron () skullsecurity net> wrote:

I totally failed to get a Trojanned version of UnrealIRCd running on
Windows, and I don't know if any of the Windows binaries were even
affected, but the attached version should run on both Windows and
Linux.


Hi Ron.  It is great to see you and Kost taking this on!

I have read that the Windows binaries were not affected, but that was
from a Slashdot comment rather than a known reliable source.  So it
sounds like this level of testing is good enough for now, unless we
find evidence that infected Windows Unreal installs are out in the
wild.



From http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt :


Safe versions
==============

The Windows (SSL and non-ssl) binaries are NOT affected.

CVS is also not affected.

3.2.8 and any earlier versions are not affected.


Kost
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: