[原文]Share.mod in Eggheads Eggdrop IRC bot 1.6.10 through 1.6.15 can mistakenly assign STAT_OFFERED status to a bot that is not a sharebot, which allows remote attackers to use STAT_OFFERED to promote a bot to a sharebot and conduct unauthorized activities.
Eggdrop contains a flaw that may allow a malicious user to gain control of a botnet. The issue is triggered when an attacker joins an unauthorized bot to a botnet. It is possible that the flaw may allow unauthorized control resulting in a loss of confidentiality, integrity, and/or availability.
Currently, there are no known workarounds or upgrades to correct this issue. However, the reporter has released a patch to address this vulnerability.