Denial of Service : ZNC < 1.7.3-rc1 DoS Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.108604

Categoría: Denial of Service

Título: ZNC < 1.7.3-rc1 DoS Vulnerability

Resumen: an ZNC IRC bouncer is prone to a Denial of Service vulnerability.

Descripción: Summary:
an ZNC IRC bouncer is prone to a Denial of Service vulnerability.

Vulnerability Insight:
The flaw can be triggered by an attacker by using an invalid encoding.

Vulnerability Impact:
Successful exploitation allows an existing remote user to cause a Denial of Service (crash).

Affected Software/OS:
ZNC before 1.7.3-rc1.

Solution:
Upgrade to ZNC 1.7.3-rc1 or later. Please see the references for more information.

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-9917
Bugtraq: 20190617 [SECURITY] [DSA 4463-1] znc security update (Google Search)
https://seclists.org/bugtraq/2019/Jun/23
Debian Security Information: DSA-4463 (Google Search)
https://www.debian.org/security/2019/dsa-4463
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WRHCMHI44AW5CJ22WV676BKFUWWCLA7T/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7WTRBTPL7WWKQ7DZ2ALDTCGYUWSE6SL3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZRVSINQHM623GJYYNDSBYSXT2MHKFCYQ/
https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973
SuSE Security Announcement: openSUSE-SU-2019:1775 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html
SuSE Security Announcement: openSUSE-SU-2019:1859 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html
https://usn.ubuntu.com/3950-1/

Copyright Copyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.108604
Categoría:	Denial of Service
Título:	ZNC < 1.7.3-rc1 DoS Vulnerability
Resumen:	an ZNC IRC bouncer is prone to a Denial of Service vulnerability.
Descripción:	Summary: an ZNC IRC bouncer is prone to a Denial of Service vulnerability. Vulnerability Insight: The flaw can be triggered by an attacker by using an invalid encoding. Vulnerability Impact: Successful exploitation allows an existing remote user to cause a Denial of Service (crash). Affected Software/OS: ZNC before 1.7.3-rc1. Solution: Upgrade to ZNC 1.7.3-rc1 or later. Please see the references for more information. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-9917 Bugtraq: 20190617 [SECURITY] [DSA 4463-1] znc security update (Google Search) https://seclists.org/bugtraq/2019/Jun/23 Debian Security Information: DSA-4463 (Google Search) https://www.debian.org/security/2019/dsa-4463 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WRHCMHI44AW5CJ22WV676BKFUWWCLA7T/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7WTRBTPL7WWKQ7DZ2ALDTCGYUWSE6SL3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZRVSINQHM623GJYYNDSBYSXT2MHKFCYQ/ https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973 SuSE Security Announcement: openSUSE-SU-2019:1775 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html SuSE Security Announcement: openSUSE-SU-2019:1859 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html https://usn.ubuntu.com/3950-1/
Copyright	Copyright (C) 2019 Greenbone Networks GmbH