Computer Security
[EN] securityvulns.ru no-pyccku


Multiple znc security vulnerabilities
Published:13.01.2015
Source:
SecurityVulns ID:14200
Type:remote
Threat Level:
5/10
Description:Multiple DoS conditions.
Affected:ZNC : znc 1.3
 ZNC : znc 1.0
CVE:CVE-2014-9403 (The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a "use-after-delete" error.)
 CVE-2013-2130 (ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp.)
Original documentdocumentMANDRIVA, [ MDVSA-2015:013 ] znc (13.01.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod