Vulnerability?

[Hindifarai]

http://www.securityfocus.com/bid/10811/discussion/

Unreal ircd is prone to multiple vulnerabilities that may allow a remote attacker to execute arbitrary code on a vulnerable computer. If successful, the attacker may gain unauthorized access to the computer. The application is reportedly affected by a buffer overflow, a format string issue, and a command execution vulnerability.

A lack of details in the report does not allow for further information. This issue will be updated as more information becomes available.

It is reported that the process does not drop privileges properly, which could allow the attacker to gain super user access to a vulnerable computer.

Unreal ircd version 3.2.1 is reported prone to these issues. It is possible that other version are affected as well.

Update: Upon further analysis, it was discovered that most of these issues do not pose a security threat. One issue dealing with chroot is deemed to be a weakness and is assigned BID 10814 (Unreal IRCD CHRoot Local Privilege Escalation Weakness). This BID is being retired.

What are you thinking about?

[codemastr]

This BID is being retired.

That's the important part. Not a single one of those issues is real. We talked to the securityfocus people a while ago about this. The report was submitted by some guy who was pretending to know C. He ran some automatic vulnerability detector program that reported a whole bunch of incorrect problems. I assure you, nothing contained within that message poses any threat at all.