Lucene search

Gentoo FoundationMGASA-2013-0257

HistoryAug 22, 2013 - 10:16 p.m.

Updated znc package fixes CVE-2013-2130

2013-08-2222:16:27

Gentoo Foundation

advisories.mageia.org

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.013 Low

EPSS

Percentile

85.6%

JSON

Updated znc packages fix security vulnerability: Multiple vulnerabilities were reported in ZNC version 1.0 which can be exploited by malicious authenticated users to cause a denial of service. These flaws are due to errors when handling the “editnetwork”, “editchan”, “addchan”, and “delchan” page requests; they can be exploited to cause a NULL pointer dereference (CVE-2013-2130).

OSVersionArchitecturePackageVersionFilename
Mageia3noarchznc< 1.0-2.1znc-1.0-2.1.mga3

OS	Version	Architecture	Package	Version	Filename
Mageia	3	noarch	znc	< 1.0-2.1	znc-1.0-2.1.mga3

References

bugs.mageia.org/show_bug.cgi?id=11034

lists.fedoraproject.org/pipermail/package-announce/2013-August/114144.html

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.013 Low

EPSS

Percentile

85.6%

JSON

Related for MGASA-2013-0257