Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.30 views

openSUSE Security Update : znc (openSUSE-2019-571)

This update for znc fixes the following issues : - Update to version 1.7.1 - CVE-2018-14055: non-admin user could gain admin privileges and shell access by injecting values into znc.conf bnc1101281 - CVE-2018-14056: path traversal in HTTP handler via ../ in a web skin name. bnc1101280 - Update to...

6.5CVSS6.5AI score0.02017EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/08/08 12:0 a.m.24 views

openSUSE Security Update : znc (openSUSE-2018-819)

This update for znc fixes the following issues : - Update to version 1.7.1 - CVE-2018-14055: non-admin user could gain admin privileges and shell access by injecting values into znc.conf bnc1101281 - CVE-2018-14056: path traversal in HTTP handler via ../ in a web skin name. bnc1101280 - Update to...

6.5CVSS6.5AI score0.02017EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2018/08/08 12:0 a.m.24 views

openSUSE: Security Advisory for znc (openSUSE-SU-2018:2231-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.2AI score0.02017EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/08/07 3:9 p.m.72 views

Security update for znc (moderate)

This update for znc fixes the following issues: - Update to version 1.7.1 CVE-2018-14055: non-admin user could gain admin privileges and shell access by injecting values into znc.conf bnc1101281 CVE-2018-14056: path traversal in HTTP handler via ../ in a web skin name. bnc1101280 - Update to...

0.5AI score0.02017EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/08/07 3:7 p.m.61 views

Security update for znc (moderate)

This update for znc fixes the following issues: - Update to version 1.7.1 CVE-2018-14055: non-admin user could gain admin privileges and shell access by injecting values into znc.conf bnc1101281 CVE-2018-14056: path traversal in HTTP handler via ../ in a web skin name. bnc1101280 - Update to...

0.5AI score0.02017EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/07/30 12:0 a.m.18 views

GLSA-201807-03 : ZNC:Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201807-03 ZNC:Multiple Vulnerabilities Multiple vulnerabilities have been discovered in ZNC. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could read arbitary files and esclate...

6.5CVSS6.5AI score0.02017EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/07/20 12:0 a.m.24 views

Debian DSA-4252-1 : znc - security update

Jeriko One discovered two vulnerabilities in the ZNC IRC bouncer which could result in privilege escalation or denial of service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4252. The text itself is...

6.5CVSS6.4AI score0.02017EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/07/20 12:0 a.m.28 views

FreeBSD : znc -- multiple vulnerabilities (c6d1a8a6-8a91-11e8-be4d-005056925db4)

Mitre reports : ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf. ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files...

6.5CVSS6.4AI score0.02017EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2018/07/19 12:0 a.m.30 views

[ASA-201807-11] znc: multiple issues

Arch Linux Security Advisory ASA-201807-11 ========================================== Severity: High Date : 2018-07-19 CVE-ID : CVE-2018-14055 CVE-2018-14056 Package : znc Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-737 Summary ======= The package znc before...

6.5CVSS1AI score0.02017EPSS
Exploits0References9
Debian
Debian
added 2018/07/18 9:22 p.m.40 views

[SECURITY] [DSA 4252-1] znc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4252-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 18, 2018 https://www.debian.org/security/faq -...

6.5CVSS7.3AI score0.02017EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/07/16 12:0 a.m.30 views

Debian DLA-1427-1 : znc security update

It was discovered that there were two issues in znc, a modular IRC bouncer : - There was insufficient validation of lines coming from the network allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf. CVE-2018-14055 - A path traversal vulnerability via '../'...

6.5CVSS6.5AI score0.02017EPSS
Exploits0References2
OSV
OSV
added 2018/07/15 1:29 a.m.24 views

CVE-2018-14055

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf...

6.5CVSS6.6AI score0.01463EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2018/07/15 1:29 a.m.27 views

CVE-2018-14055

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf...

6.5CVSS6.8AI score0.01463EPSS
Exploits0References3
CVE
CVE
added 2018/07/15 1:0 a.m.104 views

CVE-2018-14055

ZNC vulnerability CVE-2018-14055 (and related CVEs) affects ZNC before 1.7.1-rc1, where untrusted network input is not properly validated, allowing a non-admin user to escalate privileges, inject rogue values into znc.conf, and potentially gain shell access. A separate issue (CVE-2018-14056) enab...

6.5CVSS6.6AI score0.01463EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2018/07/15 1:0 a.m.20 views

CVE-2018-14055

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf...

6.7AI score0.01463EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2018/07/15 1:0 a.m.29 views

CVE-2018-14055

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf...

6.5CVSS6.9AI score0.01463EPSS
Exploits0
Debian CVE
Debian CVE
added 2018/07/15 1:0 a.m.23 views

CVE-2018-14055

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf...

6.5CVSS3.3AI score0.01463EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/07/15 12:0 a.m.20 views

Debian: Security Advisory (DLA-1427-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.2AI score0.02017EPSS
Exploits0References2
Rows per page
Query Builder