BitchX download could contain a backdoor

bitchx-backdoor (11808) The risk level is classified as HighHigh Risk

Description:

BitchX, if downloaded between 12-Apr-2003 and 13-Apr-2003, could cause a backdoor to be installed on victim's computers. One of the FTP sites that was linked from the BitchX Web site was a false FTP site, and the BitchX IRC Client 1.0 c19 was modified to include a Trojan Horse. Once the Trojan Horse is executed, it attempts to connect to 207.178.61.5 on port 6667. This could allow a remote attacker to gain access to systems that have installed the compromised BitchX distributions and execute commands on the system with privileges of the user who installed the affected package.


Consequences:

Gain Access

Remedy:

Users should verify that they have an authentic version of BitchX installed. Refer to the BugTraq Mailing List posting dated Mon Apr 14 2003 - 20:03:21 CDT for more information. See References.

References:

Platforms Affected:

  • Colten Edwards BitchX 1.0c19

Reported:

Apr 13, 2003

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page