CVE-2010-2934

Published: 17 August 2010

Multiple unspecified vulnerabilities in ZNC 0.092 allow remote attackers to cause a denial of service (exception and daemon crash) via unknown vectors related to "unsafe substr() calls."

Priority

Status

Package	Release	Status
znc Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Ignored (reached end-of-life)
	jaunty	Ignored (reached end-of-life)
	karmic	Ignored (reached end-of-life)
	lucid	Released (0.078-1ubuntu0.1)
	maverick	Ignored (reached end-of-life)
	natty	Ignored (reached end-of-life)
	oneiric	Not vulnerable (0.098-2ubuntu1)
	precise	Not vulnerable
	quantal	Not vulnerable
	raring	Not vulnerable
	upstream	Released (0.092-2)
	Patches: upstream: http://znc.svn.sourceforge.net/viewvc/znc?view=revision&revision=2095

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2934
NVD
Launchpad
Debian

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599708
https://bugs.launchpad.net/ubuntu/+source/znc/+bug/1090195

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›