1. CVE-Search
  2. CVE-2014-9403
ID CVE-2014-9403
Summary The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a "use-after-delete" error. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>
References
Vulnerable Configurations
  • cpe:2.3:a:znc:znc:0.023:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.023:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.025:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.025:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.027:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.027:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.028:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.028:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.029:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.029:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.030:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.030:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.033:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.033:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.034:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.034:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.035:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.035:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.036:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.036:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.037:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.037:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.038:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.038:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.039:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.039:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.040:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.040:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.041:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.041:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.043:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.043:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.044:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.044:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.045:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.045:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.047:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.047:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.050:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.050:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.052:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.052:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.054:-:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.054:-:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.054:rc1:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.054:rc1:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.054:rc2:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.054:rc2:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.054:rc3:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.054:rc3:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.056:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.056:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.058:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.058:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.060:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.060:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.062:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.062:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.064:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.064:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.066:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.066:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.068:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.068:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.070:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.070:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.072:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.072:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.074:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.074:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.076:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.076:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.078:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.078:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.080:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.080:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.090:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.090:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.092:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.092:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.094:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.094:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.096:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.096:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.098:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.098:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.200:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.200:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.202:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.202:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.204:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.204:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:0.206:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:0.206:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:znc:znc:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:znc:znc:1.2:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 29-09-2015 - 00:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:N/A:P
refmap via4
bid 66926
confirm
mandriva MDVSA-2015:013
mlist [oss-security] 20141217 Re: CVE Request: ZNC NULL Pointer Dereference
secunia 57795
Last major update 29-09-2015 - 00:31
Published 19-12-2014 - 15:59
Last modified 29-09-2015 - 00:31
Back to Top