ZNC NULL Pointer Dereference Denial Of Service Vulnerability Network Vulnerability

Summary

ZNC is prone to a remote denial-of-service vulnerability caused by a NULL-pointer dereference. An attacker may exploit this issue to crash the application, resulting in denial-of-service conditions. Given the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed. The issue affects ZNC 0.090 other versions may also be affected.

Solution

Updates are available. Please see the references for more information.

References

http://en.znc.in/wiki/ZNC
http://znc.svn.sourceforge.net/viewvc/znc?revision=2026&view=revision
https://bugzilla.redhat.com/show_bug.cgi?id=603915
https://www.securityfocus.com/bid/40982

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2448
CVSS Base Score: 3.5
AV:N/AC:M/Au:S/C:N/I:N/A:P

Related Vulnerabilities

Trend Micro OfficeScan Client Denial Of Service Vulnerability
smallftpd 1.0.3
Kingsoft Antivirus 'KisKrnl.sys' Driver Denial of Service Vulnerability
Wireshark PPP And NFS Dissector Denial of Service Vulnerabilities (Windows)
Oracle VM VirtualBox Unspecified Denial of Service Vulnerability (Windows)

Take action and discover your vulnerabilities