CVE-2009-2658

2009-08-0416:30:00

CWE-22

mitre

web.nvd.nist.gov

cve-2009-2658

znc

directory traversal

vulnerability

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.017

Percentile

87.8%

JSON

Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request.

Affected configurations

Nvd

Node

znczncMatch0.044

znczncMatch0.045

znczncMatch0.047

znczncMatch0.052

znczncMatch0.054

znczncMatch0.056

znczncMatch0.058

znczncMatch0.060

znczncMatch0.062

znczncMatch0.064

znczncMatch0.066

znczncMatch0.068

znczncMatch0.070

VendorProductVersionCPE
zncznc0.044cpe:2.3:a:znc:znc:0.044:*:*:*:*:*:*:*
zncznc0.045cpe:2.3:a:znc:znc:0.045:*:*:*:*:*:*:*
zncznc0.047cpe:2.3:a:znc:znc:0.047:*:*:*:*:*:*:*
zncznc0.052cpe:2.3:a:znc:znc:0.052:*:*:*:*:*:*:*
zncznc0.054cpe:2.3:a:znc:znc:0.054:*:*:*:*:*:*:*
zncznc0.056cpe:2.3:a:znc:znc:0.056:*:*:*:*:*:*:*
zncznc0.058cpe:2.3:a:znc:znc:0.058:*:*:*:*:*:*:*
zncznc0.060cpe:2.3:a:znc:znc:0.060:*:*:*:*:*:*:*
zncznc0.062cpe:2.3:a:znc:znc:0.062:*:*:*:*:*:*:*
zncznc0.064cpe:2.3:a:znc:znc:0.064:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
znc	znc	0.044	cpe:2.3:a:znc:znc:0.044:::::::*
znc	znc	0.045	cpe:2.3:a:znc:znc:0.045:::::::*
znc	znc	0.047	cpe:2.3:a:znc:znc:0.047:::::::*
znc	znc	0.052	cpe:2.3:a:znc:znc:0.052:::::::*
znc	znc	0.054	cpe:2.3:a:znc:znc:0.054:::::::*
znc	znc	0.056	cpe:2.3:a:znc:znc:0.056:::::::*
znc	znc	0.058	cpe:2.3:a:znc:znc:0.058:::::::*
znc	znc	0.060	cpe:2.3:a:znc:znc:0.060:::::::*
znc	znc	0.062	cpe:2.3:a:znc:znc:0.062:::::::*
znc	znc	0.064	cpe:2.3:a:znc:znc:0.064:::::::*