ZNC NULL Pointer Dereference Denial Of Service Vulnerability Network Vulnerability

Summary

ZNC is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference. An attacker may exploit this issue to crash the application, resulting in denial-of-service conditions. Given the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed. The issue affects ZNC 0.090 other versions may also be affected.

Solution

Updates are available. Please see the references for more information.

References

http://en.znc.in/wiki/ZNC
http://znc.svn.sourceforge.net/viewvc/znc?revision=2026&view=revision
https://bugzilla.redhat.com/show_bug.cgi?id=603915
https://www.securityfocus.com/bid/40982

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2448

CVSS	Base Score: 3.5 AV:N/AC:M/Au:S/C:N/I:N/A:P

Related Vulnerabilities

osTicket Support Address DoS
Firefox Browser designMode Null Pointer Dereference DoS Vulnerability - Win
TheGreenBow IPSec VPN Client Denial Of Service Vulnerability
Firefox Browser designMode Null Pointer Dereference DoS Vulnerability - Linux
MDaemon imap server DoS(2)

Take action and discover your vulnerabilities