CVE-2010-2934

Published: 17 August 2010

Multiple unspecified vulnerabilities in ZNC 0.092 allow remote attackers to cause a denial of service (exception and daemon crash) via unknown vectors related to "unsafe substr() calls."

Priority

Status

Package	Release	Status
znc Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Ignored (end of life)
	jaunty	Ignored (end of life)
	karmic	Ignored (end of life)
	lucid	Released (0.078-1ubuntu0.1)
	maverick	Ignored (end of life)
	natty	Ignored (end of life)
	oneiric	Not vulnerable (0.098-2ubuntu1)
	precise	Not vulnerable
	quantal	Not vulnerable
	upstream	Released (0.092-2)
	Patches: upstream: http://znc.svn.sourceforge.net/viewvc/znc?view=revision&revision=2095

References

https://www.cve.org/CVERecord?id=CVE-2010-2934
NVD
Launchpad
Debian

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599708
https://bugs.launchpad.net/ubuntu/+source/znc/+bug/1090195

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›