Lucene search

RedhatCVE-2013-2130

HistoryJun 05, 2014 - 8:55 p.m.

CVE-2013-2130

2014-06-0520:55:04

redhat

web.nvd.nist.gov

cve-2013-2130

znc 1.0

remote authenticated users

denial of service

crafted request

webadmin.cpp

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

6.1

Confidence

Low

EPSS

0.013

Percentile

85.7%

JSON

ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp.

Affected configurations

Nvd

Node

znczncMatch1.0

VendorProductVersionCPE
zncznc1.0cpe:2.3:a:znc:znc:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
znc	znc	1.0	cpe:2.3:a:znc:znc:1.0:::::::*

References

advisories.mageia.org/MGASA-2013-0257.html

lists.fedoraproject.org/pipermail/package-announce/2013-August/114144.html

lists.fedoraproject.org/pipermail/package-announce/2013-August/114172.html

secunia.com/advisories/53450

www.mandriva.com/security/advisories?name=MDVSA-2015:013

www.openwall.com/lists/oss-security/2013/05/30/3

github.com/znc/znc/commit/2bd410ee5570cea127233f1133ea22f25174eb28

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

6.1

Confidence

Low

EPSS

0.013

Percentile

85.7%

JSON

Related for CVE-2013-2130