Vulnerabilites related to znc - znc
CVE-2019-9917 (GCVE-0-2019-9917)
Vulnerability from cvelistv5
Published
2019-03-27 05:41
Modified
2024-08-04 22:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:01:55.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973"
},
{
"name": "FEDORA-2019-8790e70a89",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTRBTPL7WWKQ7DZ2ALDTCGYUWSE6SL3/"
},
{
"name": "USN-3950-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3950-1/"
},
{
"name": "FEDORA-2019-64ed5e4dfa",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WRHCMHI44AW5CJ22WV676BKFUWWCLA7T/"
},
{
"name": "FEDORA-2019-d5ad4a435c",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZRVSINQHM623GJYYNDSBYSXT2MHKFCYQ/"
},
{
"name": "DSA-4463",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4463"
},
{
"name": "20190617 [SECURITY] [DSA 4463-1] znc security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jun/23"
},
{
"name": "openSUSE-SU-2019:1775",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html"
},
{
"name": "openSUSE-SU-2019:1859",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-14T08:06:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973"
},
{
"name": "FEDORA-2019-8790e70a89",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTRBTPL7WWKQ7DZ2ALDTCGYUWSE6SL3/"
},
{
"name": "USN-3950-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3950-1/"
},
{
"name": "FEDORA-2019-64ed5e4dfa",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WRHCMHI44AW5CJ22WV676BKFUWWCLA7T/"
},
{
"name": "FEDORA-2019-d5ad4a435c",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZRVSINQHM623GJYYNDSBYSXT2MHKFCYQ/"
},
{
"name": "DSA-4463",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4463"
},
{
"name": "20190617 [SECURITY] [DSA 4463-1] znc security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jun/23"
},
{
"name": "openSUSE-SU-2019:1775",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html"
},
{
"name": "openSUSE-SU-2019:1859",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973",
"refsource": "MISC",
"url": "https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973"
},
{
"name": "FEDORA-2019-8790e70a89",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7WTRBTPL7WWKQ7DZ2ALDTCGYUWSE6SL3/"
},
{
"name": "USN-3950-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3950-1/"
},
{
"name": "FEDORA-2019-64ed5e4dfa",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WRHCMHI44AW5CJ22WV676BKFUWWCLA7T/"
},
{
"name": "FEDORA-2019-d5ad4a435c",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZRVSINQHM623GJYYNDSBYSXT2MHKFCYQ/"
},
{
"name": "DSA-4463",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4463"
},
{
"name": "20190617 [SECURITY] [DSA 4463-1] znc security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Jun/23"
},
{
"name": "openSUSE-SU-2019:1775",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html"
},
{
"name": "openSUSE-SU-2019:1859",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-9917",
"datePublished": "2019-03-27T05:41:11",
"dateReserved": "2019-03-21T00:00:00",
"dateUpdated": "2024-08-04T22:01:55.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-13775 (GCVE-0-2020-13775)
Vulnerability from cvelistv5
Published
2020-06-02 22:51
Modified
2024-08-04 12:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:25:16.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001"
},
{
"name": "FEDORA-2020-0091083d6d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HS3DWGXLVRROQQA57UIPMDM6XMVEMBRA/"
},
{
"name": "FEDORA-2020-12237dbae2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNVBE4T2DRJRQHFRMHYBTN4OSOL6DBHR/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-03T02:06:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001"
},
{
"name": "FEDORA-2020-0091083d6d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HS3DWGXLVRROQQA57UIPMDM6XMVEMBRA/"
},
{
"name": "FEDORA-2020-12237dbae2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNVBE4T2DRJRQHFRMHYBTN4OSOL6DBHR/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13775",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8",
"refsource": "CONFIRM",
"url": "https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8"
},
{
"name": "https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001",
"refsource": "CONFIRM",
"url": "https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001"
},
{
"name": "FEDORA-2020-0091083d6d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HS3DWGXLVRROQQA57UIPMDM6XMVEMBRA/"
},
{
"name": "FEDORA-2020-12237dbae2",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DNVBE4T2DRJRQHFRMHYBTN4OSOL6DBHR/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13775",
"datePublished": "2020-06-02T22:51:38",
"dateReserved": "2020-06-02T00:00:00",
"dateUpdated": "2024-08-04T12:25:16.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2448 (GCVE-0-2010-2448)
Vulnerability from cvelistv5
Published
2010-07-12 17:00
Modified
2024-09-16 22:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a denial of service (crash) by requesting traffic statistics when there is an active unauthenticated connection, which triggers a NULL pointer dereference, as demonstrated using (1) a traffic link in the web administration pages or (2) the traffic command in the /znc shell.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:16.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/znc.cpp?r1=2025\u0026r2=2026\u0026pathrev=2026"
},
{
"name": "ADV-2010-1775",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1775"
},
{
"name": "FEDORA-2010-10078",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043043.html"
},
{
"name": "40523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40523"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/projects/znc/files/znc/0.092/znc-0.092-changelog.txt/view"
},
{
"name": "40982",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40982"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?revision=2026\u0026view=revision"
},
{
"name": "FEDORA-2010-10042",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043000.html"
},
{
"name": "FEDORA-2010-10082",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043044.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929"
},
{
"name": "DSA-2069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2069"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a denial of service (crash) by requesting traffic statistics when there is an active unauthenticated connection, which triggers a NULL pointer dereference, as demonstrated using (1) a traffic link in the web administration pages or (2) the traffic command in the /znc shell."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-07-12T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/znc.cpp?r1=2025\u0026r2=2026\u0026pathrev=2026"
},
{
"name": "ADV-2010-1775",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1775"
},
{
"name": "FEDORA-2010-10078",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043043.html"
},
{
"name": "40523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40523"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/projects/znc/files/znc/0.092/znc-0.092-changelog.txt/view"
},
{
"name": "40982",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40982"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?revision=2026\u0026view=revision"
},
{
"name": "FEDORA-2010-10042",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043000.html"
},
{
"name": "FEDORA-2010-10082",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043044.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929"
},
{
"name": "DSA-2069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2069"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2448",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a denial of service (crash) by requesting traffic statistics when there is an active unauthenticated connection, which triggers a NULL pointer dereference, as demonstrated using (1) a traffic link in the web administration pages or (2) the traffic command in the /znc shell."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/znc.cpp?r1=2025\u0026r2=2026\u0026pathrev=2026",
"refsource": "MISC",
"url": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/znc.cpp?r1=2025\u0026r2=2026\u0026pathrev=2026"
},
{
"name": "ADV-2010-1775",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1775"
},
{
"name": "FEDORA-2010-10078",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043043.html"
},
{
"name": "40523",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40523"
},
{
"name": "http://sourceforge.net/projects/znc/files/znc/0.092/znc-0.092-changelog.txt/view",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/znc/files/znc/0.092/znc-0.092-changelog.txt/view"
},
{
"name": "40982",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40982"
},
{
"name": "http://znc.svn.sourceforge.net/viewvc/znc?revision=2026\u0026view=revision",
"refsource": "CONFIRM",
"url": "http://znc.svn.sourceforge.net/viewvc/znc?revision=2026\u0026view=revision"
},
{
"name": "FEDORA-2010-10042",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043000.html"
},
{
"name": "FEDORA-2010-10082",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043044.html"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929"
},
{
"name": "DSA-2069",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2069"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2448",
"datePublished": "2010-07-12T17:00:00Z",
"dateReserved": "2010-06-24T00:00:00Z",
"dateUpdated": "2024-09-16T22:51:49.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14056 (GCVE-0-2018-14056)
Vulnerability from cvelistv5
Published
2018-07-15 01:00
Modified
2024-08-05 09:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:21:40.875Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/znc/znc/commit/a4a5aeeb17d32937d8c7d743dae9a4cc755ce773"
},
{
"name": "DSA-4252",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4252"
},
{
"name": "GLSA-201807-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201807-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-21T09:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/znc/znc/commit/a4a5aeeb17d32937d8c7d743dae9a4cc755ce773"
},
{
"name": "DSA-4252",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4252"
},
{
"name": "GLSA-201807-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201807-03"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/znc/znc/commit/a4a5aeeb17d32937d8c7d743dae9a4cc755ce773",
"refsource": "MISC",
"url": "https://github.com/znc/znc/commit/a4a5aeeb17d32937d8c7d743dae9a4cc755ce773"
},
{
"name": "DSA-4252",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4252"
},
{
"name": "GLSA-201807-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201807-03"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-14056",
"datePublished": "2018-07-15T01:00:00",
"dateReserved": "2018-07-14T00:00:00",
"dateUpdated": "2024-08-05T09:21:40.875Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2934 (GCVE-0-2010-2934)
Vulnerability from cvelistv5
Published
2010-08-17 18:00
Modified
2024-08-07 02:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple unspecified vulnerabilities in ZNC 0.092 allow remote attackers to cause a denial of service (exception and daemon crash) via unknown vectors related to "unsafe substr() calls."
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:48.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-2071",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2071"
},
{
"name": "40919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40919"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=revision\u0026revision=2095"
},
{
"name": "FEDORA-2010-12481",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045385.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=622600"
},
{
"name": "42314",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/42314"
},
{
"name": "[oss-security] 20100810 Re: Re: CVE Request - ZNC",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=128152390219401\u0026w=2"
},
{
"name": "[oss-security] 20100809 CVE Request - ZNC",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=128146352011964\u0026w=2"
},
{
"name": "[oss-security] 20100809 Re: CVE Request - ZNC",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=128146120727810\u0026w=2"
},
{
"name": "FEDORA-2010-12468",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045386.html"
},
{
"name": "40970",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40970"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in ZNC 0.092 allow remote attackers to cause a denial of service (exception and daemon crash) via unknown vectors related to \"unsafe substr() calls.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-17T18:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "ADV-2010-2071",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2071"
},
{
"name": "40919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40919"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=revision\u0026revision=2095"
},
{
"name": "FEDORA-2010-12481",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045385.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=622600"
},
{
"name": "42314",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/42314"
},
{
"name": "[oss-security] 20100810 Re: Re: CVE Request - ZNC",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=128152390219401\u0026w=2"
},
{
"name": "[oss-security] 20100809 CVE Request - ZNC",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=128146352011964\u0026w=2"
},
{
"name": "[oss-security] 20100809 Re: CVE Request - ZNC",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=128146120727810\u0026w=2"
},
{
"name": "FEDORA-2010-12468",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045386.html"
},
{
"name": "40970",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40970"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2934",
"datePublished": "2010-08-17T18:00:00Z",
"dateReserved": "2010-08-04T00:00:00Z",
"dateUpdated": "2024-08-07T02:46:48.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2130 (GCVE-0-2013-2130)
Vulnerability from cvelistv5
Published
2014-06-05 20:00
Modified
2024-08-06 15:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.004Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2013-0257.html"
},
{
"name": "[oss-security] 20130530 Re: CVE request: znc: null pointer dereference in webadmin",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/30/3"
},
{
"name": "53450",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53450"
},
{
"name": "FEDORA-2013-14123",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114172.html"
},
{
"name": "MDVSA-2015:013",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:013"
},
{
"name": "FEDORA-2013-14132",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114144.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/znc/znc/commit/2bd410ee5570cea127233f1133ea22f25174eb28"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-24T17:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2013-0257.html"
},
{
"name": "[oss-security] 20130530 Re: CVE request: znc: null pointer dereference in webadmin",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/05/30/3"
},
{
"name": "53450",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53450"
},
{
"name": "FEDORA-2013-14123",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114172.html"
},
{
"name": "MDVSA-2015:013",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:013"
},
{
"name": "FEDORA-2013-14132",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114144.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/znc/znc/commit/2bd410ee5570cea127233f1133ea22f25174eb28"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2130",
"datePublished": "2014-06-05T20:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:27:41.004Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0759 (GCVE-0-2009-0759)
Vulnerability from cvelistv5
Published
2009-03-03 16:00
Modified
2024-08-07 04:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:48:51.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34230"
},
{
"name": "DSA-1735",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1735"
},
{
"name": "[oss-security] 20090301 CVE id request: znc",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/03/01/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1395"
},
{
"name": "52295",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52295"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/modules/webadmin.cpp?view=log\u0026sortby=rev\u0026sortdir=down\u0026pathrev=1395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1396"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-18T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34230"
},
{
"name": "DSA-1735",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1735"
},
{
"name": "[oss-security] 20090301 CVE id request: znc",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/03/01/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1395"
},
{
"name": "52295",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52295"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/modules/webadmin.cpp?view=log\u0026sortby=rev\u0026sortdir=down\u0026pathrev=1395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1396"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0759",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34230",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34230"
},
{
"name": "DSA-1735",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1735"
},
{
"name": "[oss-security] 20090301 CVE id request: znc",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/03/01/2"
},
{
"name": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1395",
"refsource": "CONFIRM",
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1395"
},
{
"name": "52295",
"refsource": "OSVDB",
"url": "http://osvdb.org/52295"
},
{
"name": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/modules/webadmin.cpp?view=log\u0026sortby=rev\u0026sortdir=down\u0026pathrev=1395",
"refsource": "CONFIRM",
"url": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/modules/webadmin.cpp?view=log\u0026sortby=rev\u0026sortdir=down\u0026pathrev=1395"
},
{
"name": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1396",
"refsource": "CONFIRM",
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1396"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0759",
"datePublished": "2009-03-03T16:00:00",
"dateReserved": "2009-03-03T00:00:00",
"dateUpdated": "2024-08-07T04:48:51.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9403 (GCVE-0-2014-9403)
Vulnerability from cvelistv5
Published
2014-12-19 15:00
Modified
2024-08-06 13:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a "use-after-delete" error.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:40:25.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0543.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/znc/znc/issues/528"
},
{
"name": "MDVSA-2015:013",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:013"
},
{
"name": "[oss-security] 20141217 Re: CVE Request: ZNC NULL Pointer Dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/12/18/2"
},
{
"name": "66926",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66926"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/znc/znc/blob/master/ChangeLog.md"
},
{
"name": "57795",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57795"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a \"use-after-delete\" error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-24T17:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0543.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/znc/znc/issues/528"
},
{
"name": "MDVSA-2015:013",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:013"
},
{
"name": "[oss-security] 20141217 Re: CVE Request: ZNC NULL Pointer Dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/12/18/2"
},
{
"name": "66926",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66926"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/znc/znc/blob/master/ChangeLog.md"
},
{
"name": "57795",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57795"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9403",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a \"use-after-delete\" error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://advisories.mageia.org/MGASA-2014-0543.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0543.html"
},
{
"name": "https://github.com/znc/znc/issues/528",
"refsource": "CONFIRM",
"url": "https://github.com/znc/znc/issues/528"
},
{
"name": "MDVSA-2015:013",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:013"
},
{
"name": "[oss-security] 20141217 Re: CVE Request: ZNC NULL Pointer Dereference",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/18/2"
},
{
"name": "66926",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66926"
},
{
"name": "https://github.com/znc/znc/blob/master/ChangeLog.md",
"refsource": "CONFIRM",
"url": "https://github.com/znc/znc/blob/master/ChangeLog.md"
},
{
"name": "57795",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57795"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9403",
"datePublished": "2014-12-19T15:00:00",
"dateReserved": "2014-12-17T00:00:00",
"dateUpdated": "2024-08-06T13:40:25.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2812 (GCVE-0-2010-2812)
Vulnerability from cvelistv5
Published
2010-08-17 18:00
Modified
2024-08-07 02:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of service (exception and daemon crash) via a PING command that lacks an argument.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:48.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-2071",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2071"
},
{
"name": "40919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40919"
},
{
"name": "FEDORA-2010-12481",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045385.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=622600"
},
{
"name": "42314",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/42314"
},
{
"name": "[oss-security] 20100810 Re: Re: CVE Request - ZNC",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=128152390219401\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/Client.cpp?r1=2093\u0026r2=2092\u0026pathrev=2093"
},
{
"name": "[oss-security] 20100809 CVE Request - ZNC",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=128146352011964\u0026w=2"
},
{
"name": "[oss-security] 20100809 Re: CVE Request - ZNC",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=128146120727810\u0026w=2"
},
{
"name": "FEDORA-2010-12468",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045386.html"
},
{
"name": "40970",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40970"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=revision\u0026revision=2093"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of service (exception and daemon crash) via a PING command that lacks an argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-17T18:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "ADV-2010-2071",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2071"
},
{
"name": "40919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40919"
},
{
"name": "FEDORA-2010-12481",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045385.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=622600"
},
{
"name": "42314",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/42314"
},
{
"name": "[oss-security] 20100810 Re: Re: CVE Request - ZNC",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=128152390219401\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/Client.cpp?r1=2093\u0026r2=2092\u0026pathrev=2093"
},
{
"name": "[oss-security] 20100809 CVE Request - ZNC",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=128146352011964\u0026w=2"
},
{
"name": "[oss-security] 20100809 Re: CVE Request - ZNC",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=128146120727810\u0026w=2"
},
{
"name": "FEDORA-2010-12468",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045386.html"
},
{
"name": "40970",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40970"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=revision\u0026revision=2093"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2812",
"datePublished": "2010-08-17T18:00:00Z",
"dateReserved": "2010-07-22T00:00:00Z",
"dateUpdated": "2024-08-07T02:46:48.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2488 (GCVE-0-2010-2488)
Vulnerability from cvelistv5
Published
2019-11-12 19:48
Modified
2024-08-07 02:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- null pointer deref
Summary
NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:16.764Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2010-2488"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2010-2488"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.znc.in/ChangeLog/0.092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "znc",
"vendor": "znc",
"versions": [
{
"status": "affected",
"version": "before 0.092"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "null pointer deref",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T19:48:56",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2010-2488"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2010-2488"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.znc.in/ChangeLog/0.092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2488",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "znc",
"version": {
"version_data": [
{
"version_value": "before 0.092"
}
]
}
}
]
},
"vendor_name": "znc"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "null pointer deref"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2010-2488",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2010-2488"
},
{
"name": "https://access.redhat.com/security/cve/cve-2010-2488",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/cve-2010-2488"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929",
"refsource": "MISC",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929"
},
{
"name": "https://wiki.znc.in/ChangeLog/0.092",
"refsource": "CONFIRM",
"url": "https://wiki.znc.in/ChangeLog/0.092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2488",
"datePublished": "2019-11-12T19:48:56",
"dateReserved": "2010-06-28T00:00:00",
"dateUpdated": "2024-08-07T02:32:16.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14055 (GCVE-0-2018-14055)
Vulnerability from cvelistv5
Published
2018-07-15 01:00
Modified
2024-08-05 09:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:21:40.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d"
},
{
"name": "DSA-4252",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4252"
},
{
"name": "GLSA-201807-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201807-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-21T09:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d"
},
{
"name": "DSA-4252",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4252"
},
{
"name": "GLSA-201807-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201807-03"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e",
"refsource": "MISC",
"url": "https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e"
},
{
"name": "https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d",
"refsource": "MISC",
"url": "https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d"
},
{
"name": "DSA-4252",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4252"
},
{
"name": "GLSA-201807-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201807-03"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-14055",
"datePublished": "2018-07-15T01:00:00",
"dateReserved": "2018-07-14T00:00:00",
"dateUpdated": "2024-08-05T09:21:40.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2658 (GCVE-0-2009-2658)
Vulnerability from cvelistv5
Published
2009-08-04 16:13
Modified
2024-08-07 05:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:59:56.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://en.znc.in/w/index.php?title=ZNC\u0026oldid=3209#WARNING"
},
{
"name": "[oss-security] 20090721 CVE Request -- znc",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/07/21/5"
},
{
"name": "FEDORA-2009-7937",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00965.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1570"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://en.znc.in/wiki/ChangeLog/0.072"
},
{
"name": "35916",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35916"
},
{
"name": "DSA-1848",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1848"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-08-12T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://en.znc.in/w/index.php?title=ZNC\u0026oldid=3209#WARNING"
},
{
"name": "[oss-security] 20090721 CVE Request -- znc",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/07/21/5"
},
{
"name": "FEDORA-2009-7937",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00965.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1570"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://en.znc.in/wiki/ChangeLog/0.072"
},
{
"name": "35916",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35916"
},
{
"name": "DSA-1848",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1848"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://en.znc.in/w/index.php?title=ZNC\u0026oldid=3209#WARNING",
"refsource": "CONFIRM",
"url": "http://en.znc.in/w/index.php?title=ZNC\u0026oldid=3209#WARNING"
},
{
"name": "[oss-security] 20090721 CVE Request -- znc",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/07/21/5"
},
{
"name": "FEDORA-2009-7937",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00965.html"
},
{
"name": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1570",
"refsource": "CONFIRM",
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1570"
},
{
"name": "http://en.znc.in/wiki/ChangeLog/0.072",
"refsource": "CONFIRM",
"url": "http://en.znc.in/wiki/ChangeLog/0.072"
},
{
"name": "35916",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35916"
},
{
"name": "DSA-1848",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1848"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2658",
"datePublished": "2009-08-04T16:13:00",
"dateReserved": "2009-08-04T00:00:00",
"dateUpdated": "2024-08-07T05:59:56.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-12816 (GCVE-0-2019-12816)
Vulnerability from cvelistv5
Published
2019-06-15 15:40
Modified
2024-08-04 23:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:32:55.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/znc/znc/compare/be1b6bc...d1997d6"
},
{
"name": "20190617 [SECURITY] [DSA 4463-1] znc security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jun/23"
},
{
"name": "[debian-lts-announce] 20190620 [SECURITY] [DLA 1830-1] znc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00017.html"
},
{
"name": "USN-4044-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4044-1/"
},
{
"name": "openSUSE-SU-2019:1775",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html"
},
{
"name": "openSUSE-SU-2019:1859",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html"
},
{
"name": "GLSA-201908-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201908-15"
},
{
"name": "FEDORA-2019-154930f99b",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHR6OD52FQAG5ZPZ42NJM2T765C3V2XC/"
},
{
"name": "FEDORA-2019-233d9b9a5e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEESIGRNFLZUWXZPDGXAZ7JZTHYBDJ7G/"
},
{
"name": "FEDORA-2019-0e70ef9cbb",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4O24TQOB73X57GACLZVMRVUK4UKHLE5G/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-07T02:06:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/znc/znc/compare/be1b6bc...d1997d6"
},
{
"name": "20190617 [SECURITY] [DSA 4463-1] znc security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jun/23"
},
{
"name": "[debian-lts-announce] 20190620 [SECURITY] [DLA 1830-1] znc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00017.html"
},
{
"name": "USN-4044-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4044-1/"
},
{
"name": "openSUSE-SU-2019:1775",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html"
},
{
"name": "openSUSE-SU-2019:1859",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html"
},
{
"name": "GLSA-201908-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201908-15"
},
{
"name": "FEDORA-2019-154930f99b",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHR6OD52FQAG5ZPZ42NJM2T765C3V2XC/"
},
{
"name": "FEDORA-2019-233d9b9a5e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEESIGRNFLZUWXZPDGXAZ7JZTHYBDJ7G/"
},
{
"name": "FEDORA-2019-0e70ef9cbb",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4O24TQOB73X57GACLZVMRVUK4UKHLE5G/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12816",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311",
"refsource": "CONFIRM",
"url": "https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311"
},
{
"name": "https://github.com/znc/znc/compare/be1b6bc...d1997d6",
"refsource": "CONFIRM",
"url": "https://github.com/znc/znc/compare/be1b6bc...d1997d6"
},
{
"name": "20190617 [SECURITY] [DSA 4463-1] znc security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Jun/23"
},
{
"name": "[debian-lts-announce] 20190620 [SECURITY] [DLA 1830-1] znc security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00017.html"
},
{
"name": "USN-4044-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4044-1/"
},
{
"name": "openSUSE-SU-2019:1775",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html"
},
{
"name": "openSUSE-SU-2019:1859",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html"
},
{
"name": "GLSA-201908-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201908-15"
},
{
"name": "FEDORA-2019-154930f99b",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NHR6OD52FQAG5ZPZ42NJM2T765C3V2XC/"
},
{
"name": "FEDORA-2019-233d9b9a5e",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEESIGRNFLZUWXZPDGXAZ7JZTHYBDJ7G/"
},
{
"name": "FEDORA-2019-0e70ef9cbb",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4O24TQOB73X57GACLZVMRVUK4UKHLE5G/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12816",
"datePublished": "2019-06-15T15:40:41",
"dateReserved": "2019-06-13T00:00:00",
"dateUpdated": "2024-08-04T23:32:55.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2010-08-17 22:00
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple unspecified vulnerabilities in ZNC 0.092 allow remote attackers to cause a denial of service (exception and daemon crash) via unknown vectors related to "unsafe substr() calls."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045385.html | ||
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045386.html | ||
| secalert@redhat.com | http://marc.info/?l=oss-security&m=128146120727810&w=2 | ||
| secalert@redhat.com | http://marc.info/?l=oss-security&m=128146352011964&w=2 | ||
| secalert@redhat.com | http://marc.info/?l=oss-security&m=128152390219401&w=2 | ||
| secalert@redhat.com | http://secunia.com/advisories/40919 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/40970 | Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/42314 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/2071 | Vendor Advisory | |
| secalert@redhat.com | http://znc.svn.sourceforge.net/viewvc/znc?view=revision&revision=2095 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=622600 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045385.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045386.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=128146120727810&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=128146352011964&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=128152390219401&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40919 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40970 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/42314 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/2071 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://znc.svn.sourceforge.net/viewvc/znc?view=revision&revision=2095 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=622600 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:znc:znc:0.092:*:*:*:*:*:*:*",
"matchCriteriaId": "B06FD1A9-E6A2-4FF1-AF7F-16A75FCFC7AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in ZNC 0.092 allow remote attackers to cause a denial of service (exception and daemon crash) via unknown vectors related to \"unsafe substr() calls.\""
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en ZNC v0.092 permite a atacantes remotos causar una denegaci\u00f3n de servicio (excepci\u00f3n y parada del demonio) a trav\u00e9s de vectores desconocidos relacionados con \"llamadas substr() no seguras.\""
}
],
"id": "CVE-2010-2934",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-17T22:00:01.377",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045385.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045386.html"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=128146120727810\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=128146352011964\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=128152390219401\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40919"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40970"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/42314"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2071"
},
{
"source": "secalert@redhat.com",
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=revision\u0026revision=2095"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=622600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045385.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045386.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=128146120727810\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=128146352011964\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=128152390219401\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40970"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/42314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=revision\u0026revision=2095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=622600"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-07-12 17:30
Modified
2025-04-11 00:51
Severity ?
Summary
znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a denial of service (crash) by requesting traffic statistics when there is an active unauthenticated connection, which triggers a NULL pointer dereference, as demonstrated using (1) a traffic link in the web administration pages or (2) the traffic command in the /znc shell.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929 | ||
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043000.html | ||
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043043.html | ||
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043044.html | ||
| cve@mitre.org | http://secunia.com/advisories/40523 | Vendor Advisory | |
| cve@mitre.org | http://sourceforge.net/projects/znc/files/znc/0.092/znc-0.092-changelog.txt/view | ||
| cve@mitre.org | http://www.debian.org/security/2010/dsa-2069 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/40982 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2010/1775 | Vendor Advisory | |
| cve@mitre.org | http://znc.svn.sourceforge.net/viewvc/znc/trunk/znc.cpp?r1=2025&r2=2026&pathrev=2026 | ||
| cve@mitre.org | http://znc.svn.sourceforge.net/viewvc/znc?revision=2026&view=revision | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043043.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043044.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40523 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceforge.net/projects/znc/files/znc/0.092/znc-0.092-changelog.txt/view | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2069 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/40982 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1775 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://znc.svn.sourceforge.net/viewvc/znc/trunk/znc.cpp?r1=2025&r2=2026&pathrev=2026 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://znc.svn.sourceforge.net/viewvc/znc?revision=2026&view=revision | Patch |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| znc | znc | * | |
| znc | znc | 0.034 | |
| znc | znc | 0.041 | |
| znc | znc | 0.043 | |
| znc | znc | 0.044 | |
| znc | znc | 0.045 | |
| znc | znc | 0.047 | |
| znc | znc | 0.050 | |
| znc | znc | 0.052 | |
| znc | znc | 0.054 | |
| znc | znc | 0.056 | |
| znc | znc | 0.058 | |
| znc | znc | 0.060 | |
| znc | znc | 0.062 | |
| znc | znc | 0.064 | |
| znc | znc | 0.066 | |
| znc | znc | 0.068 | |
| znc | znc | 0.070 | |
| znc | znc | 0.072 | |
| znc | znc | 0.074 | |
| znc | znc | 0.076 | |
| znc | znc | 0.078 | |
| znc | znc | 0.080 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:znc:znc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A23F341-516C-482C-814F-560E7E346F4C",
"versionEndIncluding": "0.090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.034:*:*:*:*:*:*:*",
"matchCriteriaId": "CAABF9A2-241D-40DC-A7D9-6864AC3CC6AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.041:*:*:*:*:*:*:*",
"matchCriteriaId": "4B15AC84-9EC6-4558-A445-F4085659B4F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.043:*:*:*:*:*:*:*",
"matchCriteriaId": "9CE21062-0BFC-476A-B616-15B7DF79A895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.044:*:*:*:*:*:*:*",
"matchCriteriaId": "0C012D55-9039-4D68-9CA0-5624ADEF583F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.045:*:*:*:*:*:*:*",
"matchCriteriaId": "0C185E34-735D-4839-8C05-B46CE7028765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.047:*:*:*:*:*:*:*",
"matchCriteriaId": "60AEE9F9-78B7-40B4-B28A-1B8F068CA953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.050:*:*:*:*:*:*:*",
"matchCriteriaId": "453B05F9-C630-4329-BE91-8EEA6B0C47D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.052:*:*:*:*:*:*:*",
"matchCriteriaId": "4AECFB9F-9630-438F-9BE4-E4A44A5023FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.054:*:*:*:*:*:*:*",
"matchCriteriaId": "CA564C01-2757-479C-9E33-2D7F0890C61C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.056:*:*:*:*:*:*:*",
"matchCriteriaId": "1BFE27D3-487B-41A2-A6CE-AA36E07506BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.058:*:*:*:*:*:*:*",
"matchCriteriaId": "13E7CC41-1923-4295-8AFC-8D295FDD9C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.060:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2127D9-936F-4E71-BB78-02DE61FF44C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.062:*:*:*:*:*:*:*",
"matchCriteriaId": "89151E35-63D2-440E-AD2F-A2BAECA6884B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.064:*:*:*:*:*:*:*",
"matchCriteriaId": "952BC3B5-4D07-4C61-B3FE-650FBC699B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.066:*:*:*:*:*:*:*",
"matchCriteriaId": "9983141A-3B1F-41EE-809A-0F435EC067C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.068:*:*:*:*:*:*:*",
"matchCriteriaId": "6A505A45-4404-4E0E-97AD-69D9C5D280DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.070:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB8B51F-4FD7-463B-9E8B-6846E7E690A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.072:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCA1336-CE79-4193-89AA-0AA9C399AF7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.074:*:*:*:*:*:*:*",
"matchCriteriaId": "41FA061E-155D-4F9F-BFE0-956AEAF977D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.076:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCDF1C4-C831-4BC4-91AA-9DF027E9FC75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.078:*:*:*:*:*:*:*",
"matchCriteriaId": "6C19FD33-9192-4EC2-B68F-4B49D859E627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.080:*:*:*:*:*:*:*",
"matchCriteriaId": "3209D93B-9DD2-49CE-9C3C-AD8573E4F1DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a denial of service (crash) by requesting traffic statistics when there is an active unauthenticated connection, which triggers a NULL pointer dereference, as demonstrated using (1) a traffic link in the web administration pages or (2) the traffic command in the /znc shell."
},
{
"lang": "es",
"value": "znc.cpp en ZNC antes de v0.092 permite a los usuarios remotos autenticados causar una denegaci\u00f3n de servicio (caida de la aplicaci\u00f3n) al solicitar las estad\u00edsticas de tr\u00e1fico cuando hay una conexi\u00f3n activa no autenticada, lo que desencadena una referencia a un puntero NULL, como se ha demostrado usando (1) un enlace de tr\u00e1fico en la p\u00e1ginas web de administraci\u00f3n o (2) el comando traffic en la shell /znc."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/476.html\r\n\r\n\u0027CWE-476: NULL Pointer Dereference\u0027",
"id": "CVE-2010-2448",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-07-12T17:30:01.377",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043000.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043043.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043044.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40523"
},
{
"source": "cve@mitre.org",
"url": "http://sourceforge.net/projects/znc/files/znc/0.092/znc-0.092-changelog.txt/view"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2010/dsa-2069"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/40982"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1775"
},
{
"source": "cve@mitre.org",
"url": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/znc.cpp?r1=2025\u0026r2=2026\u0026pathrev=2026"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?revision=2026\u0026view=revision"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043043.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/projects/znc/files/znc/0.092/znc-0.092-changelog.txt/view"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-2069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/40982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/znc.cpp?r1=2025\u0026r2=2026\u0026pathrev=2026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?revision=2026\u0026view=revision"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-15 01:29
Modified
2024-11-21 03:48
Severity ?
Summary
ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d | Patch, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201807-03 | Third Party Advisory | |
| cve@mitre.org | https://www.debian.org/security/2018/dsa-4252 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201807-03 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4252 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| znc | znc | * | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:znc:znc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E5C246-94BF-4233-A1A5-7924D253C052",
"versionEndIncluding": "1.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf."
},
{
"lang": "es",
"value": "ZNC en versiones anteriores a la 1.7.1-rc1 no valida correctamente las l\u00edneas no fiables provenientes de la red, lo que permite que un usuario que no es administrador escale sus privilegios e inyecte valores no autorizados en znc.conf."
}
],
"id": "CVE-2018-14055",
"lastModified": "2024-11-21T03:48:31.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-15T01:29:03.587",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201807-03"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4252"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201807-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4252"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-19 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a "use-after-delete" error.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://advisories.mageia.org/MGASA-2014-0543.html | ||
| cve@mitre.org | http://secunia.com/advisories/57795 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:013 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2014/12/18/2 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/66926 | ||
| cve@mitre.org | https://github.com/znc/znc/blob/master/ChangeLog.md | ||
| cve@mitre.org | https://github.com/znc/znc/issues/528 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2014-0543.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/57795 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:013 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/12/18/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/66926 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/znc/znc/blob/master/ChangeLog.md | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/znc/znc/issues/528 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:znc:znc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D796D4D-8658-494F-A39B-811974883A92",
"versionEndIncluding": "1.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a \"use-after-delete\" error."
},
{
"lang": "es",
"value": "La funci\u00f3n CWebAdminMod::ChanPage en modules/webadmin.cpp en ZNC anterior a 1.4 permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (referencia a puntero nulo y ca\u00edda) al a\u00f1adir un canal con el mismo nombre al de uno existente pero sin el caracter # inicial, relacionado con un error de uso despu\u00e9s de liberaci\u00f3n (use-after-free)."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/476.html\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e",
"id": "CVE-2014-9403",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-19T15:59:32.457",
"references": [
{
"source": "cve@mitre.org",
"url": "http://advisories.mageia.org/MGASA-2014-0543.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/57795"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:013"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2014/12/18/2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/66926"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/znc/znc/blob/master/ChangeLog.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/znc/znc/issues/528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0543.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/57795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/12/18/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/66926"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/znc/znc/blob/master/ChangeLog.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/znc/znc/issues/528"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-03-03 16:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://osvdb.org/52295 | ||
| cve@mitre.org | http://secunia.com/advisories/34230 | ||
| cve@mitre.org | http://www.debian.org/security/2009/dsa-1735 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2009/03/01/2 | ||
| cve@mitre.org | http://znc.svn.sourceforge.net/viewvc/znc/trunk/modules/webadmin.cpp?view=log&sortby=rev&sortdir=down&pathrev=1395 | Vendor Advisory | |
| cve@mitre.org | http://znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revision=1395 | Vendor Advisory | |
| cve@mitre.org | http://znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revision=1396 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/52295 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34230 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1735 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2009/03/01/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://znc.svn.sourceforge.net/viewvc/znc/trunk/modules/webadmin.cpp?view=log&sortby=rev&sortdir=down&pathrev=1395 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revision=1395 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revision=1396 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:znc:znc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3BC1DA6-B072-4966-9865-2D62B4614206",
"versionEndIncluding": "0.062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.056:*:*:*:*:*:*:*",
"matchCriteriaId": "1BFE27D3-487B-41A2-A6CE-AA36E07506BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.058:*:*:*:*:*:*:*",
"matchCriteriaId": "13E7CC41-1923-4295-8AFC-8D295FDD9C5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n de retorno de carro y salto de l\u00ednea (CRLF) en ZNC antes de v0.066 permite a usuarios remotos autentificados modificar el fichero de configuraci\u00f3n znc.conf y conseguir un aumento de privilegios a trav\u00e9s de secuencias CRLF en el mensaje \"quit\" y otros vectores."
}
],
"id": "CVE-2009-0759",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-03-03T16:30:05.327",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/52295"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34230"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2009/dsa-1735"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2009/03/01/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/modules/webadmin.cpp?view=log\u0026sortby=rev\u0026sortdir=down\u0026pathrev=1395"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1395"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/52295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1735"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2009/03/01/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/modules/webadmin.cpp?view=log\u0026sortby=rev\u0026sortdir=down\u0026pathrev=1395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1396"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-15 16:29
Modified
2024-11-21 04:23
Severity ?
Summary
Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html | ||
| cve@mitre.org | https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311 | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/znc/znc/compare/be1b6bc...d1997d6 | Patch, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/06/msg00017.html | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4O24TQOB73X57GACLZVMRVUK4UKHLE5G/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHR6OD52FQAG5ZPZ42NJM2T765C3V2XC/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEESIGRNFLZUWXZPDGXAZ7JZTHYBDJ7G/ | ||
| cve@mitre.org | https://seclists.org/bugtraq/2019/Jun/23 | Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201908-15 | ||
| cve@mitre.org | https://usn.ubuntu.com/4044-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/znc/znc/compare/be1b6bc...d1997d6 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/06/msg00017.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4O24TQOB73X57GACLZVMRVUK4UKHLE5G/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHR6OD52FQAG5ZPZ42NJM2T765C3V2XC/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEESIGRNFLZUWXZPDGXAZ7JZTHYBDJ7G/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Jun/23 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201908-15 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4044-1/ |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:znc:znc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7DA41D-1A52-4F99-ACC0-422F16796399",
"versionEndIncluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name."
},
{
"lang": "es",
"value": "El archivo Modules.cpp en ZNC anterior a versi\u00f3n 1.7.4-rc1 permite a los usuarios remotos no administradores y autenticados, escalar privilegios y ejecutar c\u00f3digo arbitrario mediante la carga de un m\u00f3dulo con un nombre creado."
}
],
"id": "CVE-2019-12816",
"lastModified": "2024-11-21T04:23:38.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-15T16:29:00.210",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/compare/be1b6bc...d1997d6"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00017.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4O24TQOB73X57GACLZVMRVUK4UKHLE5G/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHR6OD52FQAG5ZPZ42NJM2T765C3V2XC/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEESIGRNFLZUWXZPDGXAZ7JZTHYBDJ7G/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Jun/23"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201908-15"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/4044-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/compare/be1b6bc...d1997d6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4O24TQOB73X57GACLZVMRVUK4UKHLE5G/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHR6OD52FQAG5ZPZ42NJM2T765C3V2XC/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEESIGRNFLZUWXZPDGXAZ7JZTHYBDJ7G/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Jun/23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201908-15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4044-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-15 01:29
Modified
2024-11-21 03:48
Severity ?
Summary
ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/znc/znc/commit/a4a5aeeb17d32937d8c7d743dae9a4cc755ce773 | Patch, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201807-03 | Third Party Advisory | |
| cve@mitre.org | https://www.debian.org/security/2018/dsa-4252 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/znc/znc/commit/a4a5aeeb17d32937d8c7d743dae9a4cc755ce773 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201807-03 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4252 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| znc | znc | * | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:znc:znc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E5C246-94BF-4233-A1A5-7924D253C052",
"versionEndIncluding": "1.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories."
},
{
"lang": "es",
"value": "ZNC en versiones anteriores a la 1.7.1-rc1 es propenso a un error de salto de directorio mediante ../ en un nombre de skin web para acceder a archivos fuera del directorio skins planeado."
}
],
"id": "CVE-2018-14056",
"lastModified": "2024-11-21T03:48:32.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-15T01:29:03.633",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/commit/a4a5aeeb17d32937d8c7d743dae9a4cc755ce773"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201807-03"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4252"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/commit/a4a5aeeb17d32937d8c7d743dae9a4cc755ce773"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201807-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4252"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-08-04 16:30
Modified
2025-04-09 00:30
Severity ?
Summary
Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://en.znc.in/w/index.php?title=ZNC&oldid=3209#WARNING | ||
| cve@mitre.org | http://en.znc.in/wiki/ChangeLog/0.072 | Patch, Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35916 | Vendor Advisory | |
| cve@mitre.org | http://www.debian.org/security/2009/dsa-1848 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2009/07/21/5 | ||
| cve@mitre.org | http://znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revision=1570 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00965.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://en.znc.in/w/index.php?title=ZNC&oldid=3209#WARNING | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://en.znc.in/wiki/ChangeLog/0.072 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35916 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1848 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2009/07/21/5 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revision=1570 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00965.html |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:znc:znc:0.044:*:*:*:*:*:*:*",
"matchCriteriaId": "0C012D55-9039-4D68-9CA0-5624ADEF583F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.045:*:*:*:*:*:*:*",
"matchCriteriaId": "0C185E34-735D-4839-8C05-B46CE7028765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.047:*:*:*:*:*:*:*",
"matchCriteriaId": "60AEE9F9-78B7-40B4-B28A-1B8F068CA953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.052:*:*:*:*:*:*:*",
"matchCriteriaId": "4AECFB9F-9630-438F-9BE4-E4A44A5023FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.054:*:*:*:*:*:*:*",
"matchCriteriaId": "CA564C01-2757-479C-9E33-2D7F0890C61C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.056:*:*:*:*:*:*:*",
"matchCriteriaId": "1BFE27D3-487B-41A2-A6CE-AA36E07506BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.058:*:*:*:*:*:*:*",
"matchCriteriaId": "13E7CC41-1923-4295-8AFC-8D295FDD9C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.060:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2127D9-936F-4E71-BB78-02DE61FF44C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.062:*:*:*:*:*:*:*",
"matchCriteriaId": "89151E35-63D2-440E-AD2F-A2BAECA6884B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.064:*:*:*:*:*:*:*",
"matchCriteriaId": "952BC3B5-4D07-4C61-B3FE-650FBC699B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.066:*:*:*:*:*:*:*",
"matchCriteriaId": "9983141A-3B1F-41EE-809A-0F435EC067C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.068:*:*:*:*:*:*:*",
"matchCriteriaId": "6A505A45-4404-4E0E-97AD-69D9C5D280DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:znc:znc:0.070:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB8B51F-4FD7-463B-9E8B-6846E7E690A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en ZNC anterior a v0.072 permite a atacantes remotos sobrescribir ficheros de su elecci\u00f3n a trav\u00e9s de una petici\u00f3n DCC SEND manipulada."
}
],
"id": "CVE-2009-2658",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-08-04T16:30:00.420",
"references": [
{
"source": "cve@mitre.org",
"url": "http://en.znc.in/w/index.php?title=ZNC\u0026oldid=3209#WARNING"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://en.znc.in/wiki/ChangeLog/0.072"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35916"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2009/dsa-1848"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2009/07/21/5"
},
{
"source": "cve@mitre.org",
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1570"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00965.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://en.znc.in/w/index.php?title=ZNC\u0026oldid=3209#WARNING"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://en.znc.in/wiki/ChangeLog/0.072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1848"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2009/07/21/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=rev\u0026sortby=rev\u0026sortdir=down\u0026revision=1570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00965.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-06-05 20:55
Modified
2025-04-12 10:46
Severity ?
Summary
ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://advisories.mageia.org/MGASA-2013-0257.html | ||
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114144.html | ||
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114172.html | ||
| secalert@redhat.com | http://secunia.com/advisories/53450 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2015:013 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2013/05/30/3 | ||
| secalert@redhat.com | https://github.com/znc/znc/commit/2bd410ee5570cea127233f1133ea22f25174eb28 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2013-0257.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114144.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114172.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/53450 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:013 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/05/30/3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/znc/znc/commit/2bd410ee5570cea127233f1133ea22f25174eb28 | Exploit, Patch |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:znc:znc:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33DB2465-0979-4EEF-B64B-F5F7D2A831C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp."
},
{
"lang": "es",
"value": "ZNC 1.0 permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (referencia a puntero nulo y ca\u00edda) a trav\u00e9s de una solicitud manipulada en la p\u00e1gina (1) editnetwork, (2) editchan, (3) addchan o (4) delchan en modules/webadmin.cpp."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/476.html\n\n\"CWE-476: NULL Pointer Dereference\"",
"id": "CVE-2013-2130",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-06-05T20:55:04.517",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://advisories.mageia.org/MGASA-2013-0257.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114144.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114172.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/53450"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:013"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/05/30/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/znc/znc/commit/2bd410ee5570cea127233f1133ea22f25174eb28"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2013-0257.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114144.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114172.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/53450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/05/30/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/znc/znc/commit/2bd410ee5570cea127233f1133ea22f25174eb28"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-27 06:29
Modified
2024-11-21 04:52
Severity ?
Summary
ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html | ||
| cve@mitre.org | https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973 | Patch, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTRBTPL7WWKQ7DZ2ALDTCGYUWSE6SL3/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WRHCMHI44AW5CJ22WV676BKFUWWCLA7T/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZRVSINQHM623GJYYNDSBYSXT2MHKFCYQ/ | ||
| cve@mitre.org | https://seclists.org/bugtraq/2019/Jun/23 | ||
| cve@mitre.org | https://usn.ubuntu.com/3950-1/ | Third Party Advisory | |
| cve@mitre.org | https://www.debian.org/security/2019/dsa-4463 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTRBTPL7WWKQ7DZ2ALDTCGYUWSE6SL3/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WRHCMHI44AW5CJ22WV676BKFUWWCLA7T/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZRVSINQHM623GJYYNDSBYSXT2MHKFCYQ/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Jun/23 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3950-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2019/dsa-4463 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| znc | znc | * | |
| canonical | ubuntu_linux | 18.10 | |
| fedoraproject | fedora | 28 | |
| fedoraproject | fedora | 29 | |
| fedoraproject | fedora | 30 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:znc:znc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "924F4471-68F0-427E-8B61-A2DBAE3F841C",
"versionEndIncluding": "1.7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
"matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding."
},
{
"lang": "es",
"value": "ZNC, en versiones anteriores a la 1.7.3-rc1, permite que un usuario remoto existente provoque una denegaci\u00f3n de servicio (cierre inesperado) mediante el cifrado inv\u00e1lido."
}
],
"id": "CVE-2019-9917",
"lastModified": "2024-11-21T04:52:34.147",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-27T06:29:00.390",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTRBTPL7WWKQ7DZ2ALDTCGYUWSE6SL3/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WRHCMHI44AW5CJ22WV676BKFUWWCLA7T/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZRVSINQHM623GJYYNDSBYSXT2MHKFCYQ/"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/bugtraq/2019/Jun/23"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3950-1/"
},
{
"source": "cve@mitre.org",
"url": "https://www.debian.org/security/2019/dsa-4463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTRBTPL7WWKQ7DZ2ALDTCGYUWSE6SL3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WRHCMHI44AW5CJ22WV676BKFUWWCLA7T/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZRVSINQHM623GJYYNDSBYSXT2MHKFCYQ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Jun/23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3950-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.debian.org/security/2019/dsa-4463"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-12 20:15
Modified
2024-11-21 01:16
Severity ?
Summary
NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/cve-2010-2488 | Broken Link | |
| secalert@redhat.com | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929 | Exploit, Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://security-tracker.debian.org/tracker/CVE-2010-2488 | Third Party Advisory | |
| secalert@redhat.com | https://wiki.znc.in/ChangeLog/0.092 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2010-2488 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2010-2488 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.znc.in/ChangeLog/0.092 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:znc:znc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF80C98-11E0-40A9-88AA-1ED7C72F8227",
"versionEndExcluding": "0.092",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desreferencia del puntero NULL en ZNC versiones anteriores a 0.092, causada por estad\u00edsticas de tr\u00e1fico cuando se presentan conexiones no autenticadas."
}
],
"id": "CVE-2010-2488",
"lastModified": "2024-11-21T01:16:45.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-12T20:15:09.667",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://access.redhat.com/security/cve/cve-2010-2488"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2010-2488"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://wiki.znc.in/ChangeLog/0.092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://access.redhat.com/security/cve/cve-2010-2488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2010-2488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://wiki.znc.in/ChangeLog/0.092"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-02 23:15
Modified
2024-11-21 05:01
Severity ?
Summary
ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8 | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001 | Patch, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNVBE4T2DRJRQHFRMHYBTN4OSOL6DBHR/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HS3DWGXLVRROQQA57UIPMDM6XMVEMBRA/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNVBE4T2DRJRQHFRMHYBTN4OSOL6DBHR/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HS3DWGXLVRROQQA57UIPMDM6XMVEMBRA/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| znc | znc | 1.8.0 | |
| fedoraproject | fedora | 31 | |
| fedoraproject | fedora | 32 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:znc:znc:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF4DE9D-624E-4B41-A98A-0A0156EEA40C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network."
},
{
"lang": "es",
"value": "ZNC 1.8.0 hasta 1.8.1-rc1 permite a los usuarios autentificados activar un bloqueo de la aplicaci\u00f3n (con una desreferencia del puntero NULL) si el mensaje eco no est\u00e1 habilitado y no hay red."
}
],
"id": "CVE-2020-13775",
"lastModified": "2024-11-21T05:01:50.013",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-02T23:15:10.567",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNVBE4T2DRJRQHFRMHYBTN4OSOL6DBHR/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HS3DWGXLVRROQQA57UIPMDM6XMVEMBRA/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNVBE4T2DRJRQHFRMHYBTN4OSOL6DBHR/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HS3DWGXLVRROQQA57UIPMDM6XMVEMBRA/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-17 22:00
Modified
2025-04-11 00:51
Severity ?
Summary
Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of service (exception and daemon crash) via a PING command that lacks an argument.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045385.html | ||
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045386.html | ||
| secalert@redhat.com | http://marc.info/?l=oss-security&m=128146120727810&w=2 | ||
| secalert@redhat.com | http://marc.info/?l=oss-security&m=128146352011964&w=2 | ||
| secalert@redhat.com | http://marc.info/?l=oss-security&m=128152390219401&w=2 | ||
| secalert@redhat.com | http://secunia.com/advisories/40919 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/40970 | Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/42314 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/2071 | Vendor Advisory | |
| secalert@redhat.com | http://znc.svn.sourceforge.net/viewvc/znc/trunk/Client.cpp?r1=2093&r2=2092&pathrev=2093 | ||
| secalert@redhat.com | http://znc.svn.sourceforge.net/viewvc/znc?view=revision&revision=2093 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=622600 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045385.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045386.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=128146120727810&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=128146352011964&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=128152390219401&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40919 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40970 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/42314 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/2071 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://znc.svn.sourceforge.net/viewvc/znc/trunk/Client.cpp?r1=2093&r2=2092&pathrev=2093 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://znc.svn.sourceforge.net/viewvc/znc?view=revision&revision=2093 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=622600 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:znc:znc:0.092:*:*:*:*:*:*:*",
"matchCriteriaId": "B06FD1A9-E6A2-4FF1-AF7F-16A75FCFC7AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of service (exception and daemon crash) via a PING command that lacks an argument."
},
{
"lang": "es",
"value": "Cliente.cpp en ZNC v0.092 permite a atacantes remotos causar una denegaci\u00f3n de servicio (execpci\u00f3n y parada del demonio) a trav\u00e9s de un comando PING que carece de argumento."
}
],
"id": "CVE-2010-2812",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-17T22:00:01.313",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045385.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045386.html"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=128146120727810\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=128146352011964\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=128152390219401\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40919"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40970"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/42314"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2071"
},
{
"source": "secalert@redhat.com",
"url": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/Client.cpp?r1=2093\u0026r2=2092\u0026pathrev=2093"
},
{
"source": "secalert@redhat.com",
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=revision\u0026revision=2093"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=622600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045385.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045386.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=128146120727810\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=128146352011964\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=128152390219401\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40970"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/42314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://znc.svn.sourceforge.net/viewvc/znc/trunk/Client.cpp?r1=2093\u0026r2=2092\u0026pathrev=2093"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://znc.svn.sourceforge.net/viewvc/znc?view=revision\u0026revision=2093"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=622600"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}