Eggdrop Share Module Arbitrary Share Bot Add Vulnerability

Share.mod, a component of Eggdrop, has been reported prone to a vulnerability that may result in the compromise of an entire Bot Network. The issue present itself due to a programming error in an Eggdrop function that results in a failure to implement intended program logic. This failure will result in every Bot that is processed by the vulnerable receiving STAT_OFFERED privileges. The attacker may further leverage this issue to attain STAT_SHARE status for a malicious Bot.


Privacy Statement
Copyright 2010, SecurityFocus