CVE-2013-2130
Published: 5 June 2014
ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp.
Notes
Author | Note |
---|---|
jdstrand | 1.0 and higher affected |
Priority
Status
Package | Release | Status |
---|---|---|
znc Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Not vulnerable
|
|
quantal |
Not vulnerable
(0.206-2)
|
|
raring |
Released
(1.0-2ubuntu1.1)
|
|
saucy |
Not vulnerable
(1.0-5)
|
|
upstream |
Released
(1.0-5)
|
|
Patches: upstream: https://github.com/znc/znc/commit/2bd410ee5570cea127233f1133ea22f25174eb28 |