The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC prior to 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a "use-after-delete" error.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
znc znc |