SUSE CVE-2014-9403

🗓️ 15 Feb 2023 05:25:02Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 2 Views

Authenticated users can crash ZNC before 1.4 by adding a channel with the same name, without a leading #.

Reporter	Title	Published	Views	Family All 20
CVE	CVE-2014-9403	19 Dec 201415:00	–	cve
Cvelist	CVE-2014-9403	19 Dec 201415:00	–	cvelist
Debian CVE	CVE-2014-9403	19 Dec 201415:00	–	debiancve
EUVD	EUVD-2014-9224	7 Oct 202500:30	–	euvd
Tenable Nessus	GLSA-201412-31 : ZNC: Denial of Service	19 Dec 201400:00	–	nessus
Tenable Nessus	Mandriva Linux Security Advisory : znc (MDVSA-2015:013)	9 Jan 201500:00	–	nessus
Tenable Nessus	openSUSE Security Update : znc (openSUSE-2015-845)	2 Dec 201500:00	–	nessus
Gentoo Linux	ZNC: Denial of service	19 Dec 201400:00	–	gentoo
Mageia	Updated znc package fixes CVE-2014-9403	21 Dec 201420:47	–	mageia
NVD	CVE-2014-9403	19 Dec 201415:59	–	nvd

OS	OS Version	Architecture	Package	Package Version	Filename
SUSE Linux Enterprise Server	12	any	znc	1.6.2-4.1	znc-1.6.2-4.1.noarch.rpm
SUSE Linux Enterprise Server	12	any	znc-devel	1.6.2-4.1	znc-devel-1.6.2-4.1.noarch.rpm
SUSE Linux Enterprise Server	12	any	znc-perl	1.6.2-4.1	znc-perl-1.6.2-4.1.noarch.rpm
SUSE Linux Enterprise Server	12	any	znc-python3	1.6.2-4.1	znc-python3-1.6.2-4.1.noarch.rpm
SUSE Linux Enterprise Server	12	any	znc-tcl	1.6.2-4.1	znc-tcl-1.6.2-4.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2014-9403
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/956254

16 Mar 2025 11:36Current

6.6Medium risk

Vulners AI Score6.6

CVSS 24

EPSS0.01087

znc vulnerability webadmin module channel name null pointer dereference use after delete denial of service