oss-sec mailing list archives

Re: CVE request: znc: null pointer dereference in webadmin


From: Kurt Seifried <kseifried () redhat com>
Date: Thu, 30 May 2013 14:17:09 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/30/2013 02:50 AM, Raphael Geissert wrote:
Hi,

A null pointer dereference was found in ZNC 1.0 in the webadmin
module which can be triggered by non-admins and cause denial of
service[0].

Could a CVE id be assigned please?

Thanks in advance.

References: [0]
https://github.com/znc/znc/commit/2bd410ee5570cea127233f1133ea22f25174eb28


[1] https://secunia.com/advisories/53450/

Cheers, -- Raphael Geissert - Debian Developer www.debian.org -
get.debian.net

Please use CVE-2013-2130 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRp7PFAAoJEBYNRVNeJnmTwxoQAJSCdnDUK3hRAZFLrChyN4UL
ERQdptENDqkj+B5uIMkyc2UCcXaSLtE5vv7e4dgnvLz2e6PrnOeUhbk0pHU68cYu
1Mi0i5F1Dzv675UWYob5+EQsYQ19Yt4OWnAFJ+KK4r0d61aMP6mKznV09cOzmjQ9
dVy1W34LnHH2dR4hv+5k2jv57xs1zLvsa1iKUCgcL3SmsPgr6i4iFH2YOsifbIqx
KCvFmFPCqKQwNmAhksRGH8Q8SIlH6ESl/MvSu77drG2BcgAfEBgfMjfInS+3vvWO
xUzkxJCUOockl/C+E5Vw2NIjlysOdYg/WO1Aifq37+YrGQXSIk4xqgeTfccm/UQe
A0uWI4FmlXsr9DOrbXjtkH3N/J2e3HDIF67GeZo+hOz5HQtJg8y04gBYmtxGPO58
TjtyZR4ryjyqXdUcXF5n1s27CS6eefbphMD2fDkna+gHS3YEKUwz2pEMZGaMcpsv
qdqRl0OI8M9lcqLObNyWD7IH/ADCGYHg/D8nH3tVCOlwC0XdzuIfANP9bWZSUTUf
xW9C9lBhGPiYMTfhDn9HzEElyqZINaSWTzGNI89bESqeB9ODev1ShiEaQv2VnY0E
B0MWU8w9RRW+MyGfNd8uEO2nXHayg8Cn4rEp5Eg5zSbPcz0wZcDKdwPTin7Gx0ME
XiDLCbDY6AEB/Td8tC57
=0S2S
-----END PGP SIGNATURE-----


Current thread: