Lucene search

PRIOn knowledge basePRION:CVE-2010-2448

HistoryJul 12, 2010 - 5:30 p.m.

Null pointer dereference

2010-07-1217:30:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

70.5%

JSON

znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a denial of service (crash) by requesting traffic statistics when there is an active unauthenticated connection, which triggers a NULL pointer dereference, as demonstrated using (1) a traffic link in the web administration pages or (2) the traffic command in the /znc shell.

CPENameOperatorVersion
znceq0.074
znceq0.044
znceq0.072
znceq0.062
znceq0.045
znceq0.052
znceq0.058
znceq0.080
znceq0.043
znceq0.056

Name	Operator	Version
znc	eq	0.074
znc	eq	0.044
znc	eq	0.072
znc	eq	0.062
znc	eq	0.045
znc	eq	0.052
znc	eq	0.058
znc	eq	0.080
znc	eq	0.043
znc	eq	0.056

Rows per page:

1-10 of 231

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929

secunia.com/advisories/40523

sourceforge.net/projects/znc/files/znc/0.092/znc-0.092-changelog.txt/view

www.debian.org/security/2010/dsa-2069

www.securityfocus.com/bid/40982

www.vupen.com/english/advisories/2010/1775

znc.svn.sourceforge.net/viewvc/znc/trunk/znc.cpp?r1=2025&r2=2026&pathrev=2026

znc.svn.sourceforge.net/viewvc/znc?revision=2026&view=revision

lists.fedoraproject.org/pipermail/package-announce/2010-June/043000.html

lists.fedoraproject.org/pipermail/package-announce/2010-June/043043.html

lists.fedoraproject.org/pipermail/package-announce/2010-June/043044.html

6.9 Medium

AI Score

Confidence

Low

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

70.5%

JSON

Related for PRION:CVE-2010-2448