znc.cpp in ZNC prior to 0.092 allows remote authenticated users to cause a denial of service (crash) by requesting traffic statistics when there is an active unauthenticated connection, which triggers a NULL pointer dereference, as demonstrated using (1) a traffic link in the web administration pages or (2) the traffic command in the /znc shell.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
znc znc 0.076 |
||
znc znc 0.074 |
||
znc znc 0.072 |
||
znc znc 0.070 |
||
znc znc 0.043 |
||
znc znc 0.041 |
||
znc znc 0.034 |
||
znc znc 0.080 |
||
znc znc 0.066 |
||
znc znc 0.062 |
||
znc znc 0.047 |
||
znc znc 0.044 |
||
znc znc 0.058 |
||
znc znc 0.056 |
||
znc znc 0.054 |
||
znc znc 0.052 |
||
znc znc |
||
znc znc 0.078 |
||
znc znc 0.068 |
||
znc znc 0.064 |
||
znc znc 0.060 |
||
znc znc 0.050 |
||
znc znc 0.045 |