CVE-2009-2658

Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:znc:znc:0.044:*:*:*:*:*:*:*
cpe:2.3:a:znc:znc:0.045:*:*:*:*:*:*:*
cpe:2.3:a:znc:znc:0.047:*:*:*:*:*:*:*
cpe:2.3:a:znc:znc:0.052:*:*:*:*:*:*:*
cpe:2.3:a:znc:znc:0.054:*:*:*:*:*:*:*
cpe:2.3:a:znc:znc:0.056:*:*:*:*:*:*:*
cpe:2.3:a:znc:znc:0.058:*:*:*:*:*:*:*
cpe:2.3:a:znc:znc:0.060:*:*:*:*:*:*:*
cpe:2.3:a:znc:znc:0.062:*:*:*:*:*:*:*
cpe:2.3:a:znc:znc:0.064:*:*:*:*:*:*:*
cpe:2.3:a:znc:znc:0.066:*:*:*:*:*:*:*
cpe:2.3:a:znc:znc:0.068:*:*:*:*:*:*:*
cpe:2.3:a:znc:znc:0.070:*:*:*:*:*:*:*

History

21 Nov 2024, 01:05

Type Values Removed Values Added
References () http://en.znc.in/w/index.php?title=ZNC&oldid=3209#WARNING - () http://en.znc.in/w/index.php?title=ZNC&oldid=3209#WARNING -
References () http://en.znc.in/wiki/ChangeLog/0.072 - Patch, Vendor Advisory () http://en.znc.in/wiki/ChangeLog/0.072 - Patch, Vendor Advisory
References () http://secunia.com/advisories/35916 - Vendor Advisory () http://secunia.com/advisories/35916 - Vendor Advisory
References () http://www.debian.org/security/2009/dsa-1848 - () http://www.debian.org/security/2009/dsa-1848 -
References () http://www.openwall.com/lists/oss-security/2009/07/21/5 - () http://www.openwall.com/lists/oss-security/2009/07/21/5 -
References () http://znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revision=1570 - () http://znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revision=1570 -
References () https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00965.html - () https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00965.html -

Information

Published : 2009-08-04 16:30

Updated : 2024-11-21 01:05


NVD link : CVE-2009-2658

Mitre link : CVE-2009-2658

CVE.ORG link : CVE-2009-2658


JSON object : View

Products Affected

znc

  • znc
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')