It was discovered that ZNC, an IRC bouncer, is vulnerable to denial of service attacks via a NULL pointer dereference when traffic statistics are requested while there is an unauthenticated connection. For the stable distribution (lenny), the problem has been fixed in version 0.058-2+lenny4. For the testing distribution (squeeze) and the unstable distribution (sid), the problem has been fixed in version 0.090-2. We recommend that you upgrade your znc packages.
It was discovered that ZNC, an IRC bouncer, is vulnerable to denial of service attacks via a NULL pointer dereference when traffic statistics are requested while there is an unauthenticated connection.
For the stable distribution (lenny), the problem has been fixed in version 0.058-2+lenny4.
For the testing distribution (squeeze) and the unstable distribution (sid), the problem has been fixed in version 0.090-2.
We recommend that you upgrade your znc packages.
MD5 checksums of the listed files are available in the original advisory.