Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.5
CVSSv2

CVE-2010-2448

Published: 12/07/2010 Updated: 12/07/2010
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P
Subscribe to Znc

Vulnerability Summary

znc.cpp in ZNC prior to 0.092 allows remote authenticated users to cause a denial of service (crash) by requesting traffic statistics when there is an active unauthenticated connection, which triggers a NULL pointer dereference, as demonstrated using (1) a traffic link in the web administration pages or (2) the traffic command in the /znc shell.

Vulnerable Product Search on Vulmon Subscribe to Product

znc znc 0.076

znc znc 0.074

znc znc 0.072

znc znc 0.070

znc znc 0.043

znc znc 0.041

znc znc 0.034

znc znc 0.080

znc znc 0.066

znc znc 0.062

znc znc 0.047

znc znc 0.044

znc znc 0.058

znc znc 0.056

znc znc 0.054

znc znc 0.052

znc znc

znc znc 0.078

znc znc 0.068

znc znc 0.064

znc znc 0.060

znc znc 0.050

znc znc 0.045

Vendor Advisories

Debian Security Advisories: DSA-2069-1 znc -- denial of service
It was discovered that ZNC, an IRC bouncer, is vulnerable to denial of service attacks via a NULL pointer dereference when traffic statistics are requested while there is an unauthenticated connection For the stable distribution (lenny), the problem has been fixed in version 0058-2+lenny4 For the testing distribution (squeeze) and the unstable d ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/40982http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043044.htmlhttp://www.debian.org/security/2010/dsa-2069http://www.vupen.com/english/advisories/2010/1775http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043000.htmlhttp://znc.svn.sourceforge.net/viewvc/znc?revision=2026&view=revisionhttp://znc.svn.sourceforge.net/viewvc/znc/trunk/znc.cpp?r1=2025&r2=2026&pathrev=2026http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929http://secunia.com/advisories/40523http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043043.htmlhttp://sourceforge.net/projects/znc/files/znc/0.092/znc-0.092-changelog.txt/viewhttps://nvd.nist.govhttps://www.debian.org/security/./dsa-2069
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987buffer overflowCVE-2024-28890CVE-2024-27574CVE-2024-27347CVE-2024-31450privilegeSSTICVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook