Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2010-2488

Published: 12 November 2019

NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections.

Notes

AuthorNote
mdeslaur
Seems this was typoed as CVE-2010-2448 at some point, and that
CVE stuck.

Priority

Low

Cvss 3 Severity Score

7.5

Score breakdown

Status

Package Release Status
znc
Launchpad, Ubuntu, Debian
hardy Ignored
(end of life)
lucid
Released (0.078-1ubuntu0.1)
maverick Not vulnerable
(0.092-3)
natty Not vulnerable

oneiric Not vulnerable

precise Not vulnerable

quantal Not vulnerable

upstream
Released (0.090-2)

Severity score breakdown

Parameter Value
Base score 7.5
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact High
Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H