CVE-2010-2448
12.07.2010, 17:30
znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a denial of service (crash) by requesting traffic statistics when there is an active unauthenticated connection, which triggers a NULL pointer dereference, as demonstrated using (1) a traffic link in the web administration pages or (2) the traffic command in the /znc shell.Enginsight
| Vendor | Product | Version |
|---|---|---|
| znc | znc | 𝑥 ≤ 0.090 |
| znc | znc | 0.034 |
| znc | znc | 0.041 |
| znc | znc | 0.043 |
| znc | znc | 0.044 |
| znc | znc | 0.045 |
| znc | znc | 0.047 |
| znc | znc | 0.050 |
| znc | znc | 0.052 |
| znc | znc | 0.054 |
| znc | znc | 0.056 |
| znc | znc | 0.058 |
| znc | znc | 0.060 |
| znc | znc | 0.062 |
| znc | znc | 0.064 |
| znc | znc | 0.066 |
| znc | znc | 0.068 |
| znc | znc | 0.070 |
| znc | znc | 0.072 |
| znc | znc | 0.074 |
| znc | znc | 0.076 |
| znc | znc | 0.078 |
| znc | znc | 0.080 |
𝑥
= Vulnerable software versions
Ubuntu Releases
References