ID CVE-2013-2130
Summary ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp. Per: http://cwe.mitre.org/data/definitions/476.html "CWE-476: NULL Pointer Dereference"
References
Vulnerable Configurations
  • cpe:2.3:a:znc:znc:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:1.0:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 10-09-2015 - 15:24)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:N/A:P
refmap via4
confirm
fedora
  • FEDORA-2013-14123
  • FEDORA-2013-14132
mandriva MDVSA-2015:013
mlist [oss-security] 20130530 Re: CVE request: znc: null pointer dereference in webadmin
secunia 53450
Last major update 10-09-2015 - 15:24
Published 05-06-2014 - 20:55
Last modified 10-09-2015 - 15:24
Back to Top