Lucene search

[email protected]CVE-2009-0759

HistoryMar 03, 2009 - 4:30 p.m.

CVE-2009-0759

2009-03-0316:30:05

CWE-94

[email protected]

web.nvd.nist.gov

cve-2009-0759

crlf injection

znc

webadmin

vulnerability

nvd

6.7 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.8%

JSON

Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors.

Affected configurations

NVD

Node

znczncRange≤0.062

znczncMatch0.056

znczncMatch0.058

CPENameOperatorVersion
znc:znczncle0.062
znc:zncznceq0.056
znc:zncznceq0.058

CPE	Name	Operator	Version
znc:znc	znc	le	0.062
znc:znc	znc	eq	0.056
znc:znc	znc	eq	0.058

References

osvdb.org/52295

secunia.com/advisories/34230

www.debian.org/security/2009/dsa-1735

www.openwall.com/lists/oss-security/2009/03/01/2

znc.svn.sourceforge.net/viewvc/znc/trunk/modules/webadmin.cpp?view=log&sortby=rev&sortdir=down&pathrev=1395

znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revision=1395

znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revision=1396

6.7 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.8%

JSON

Related for CVE-2009-0759

securityvulns1 openvas6 ubuntucve1 osv1 nessus2 debian4 debiancve1 prion1 seebug1 gentoo1 cvelist1 nvd1