CVE-2014-9403

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-9403
The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a "use-after-delete" error.

4.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:N/I:N/A:P

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://advisories.mageia.org/MGASA-2014-0543.html
http://secunia.com/advisories/57795
http://www.mandriva.com/security/advisories?name=MDVSA-2015:013
http://www.openwall.com/lists/oss-security/2014/12/18/2
http://www.securityfocus.com/bid/66926
https://github.com/znc/znc/blob/master/ChangeLog.md
https://github.com/znc/znc/issues/528 Vendor Advisory
http://advisories.mageia.org/MGASA-2014-0543.html
http://secunia.com/advisories/57795
http://www.mandriva.com/security/advisories?name=MDVSA-2015:013
http://www.openwall.com/lists/oss-security/2014/12/18/2
http://www.securityfocus.com/bid/66926
https://github.com/znc/znc/blob/master/ChangeLog.md
https://github.com/znc/znc/issues/528 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:znc:znc:*:*:*:*:*:*:*:*
History

21 Nov 2024, 02:20

Type Values Removed Values Added
References () http://advisories.mageia.org/MGASA-2014-0543.html - () http://advisories.mageia.org/MGASA-2014-0543.html -
References () http://secunia.com/advisories/57795 - () http://secunia.com/advisories/57795 -
References () http://www.mandriva.com/security/advisories?name=MDVSA-2015:013 - () http://www.mandriva.com/security/advisories?name=MDVSA-2015:013 -
References () http://www.openwall.com/lists/oss-security/2014/12/18/2 - () http://www.openwall.com/lists/oss-security/2014/12/18/2 -
References () http://www.securityfocus.com/bid/66926 - () http://www.securityfocus.com/bid/66926 -
References () https://github.com/znc/znc/blob/master/ChangeLog.md - () https://github.com/znc/znc/blob/master/ChangeLog.md -
References () https://github.com/znc/znc/issues/528 - Vendor Advisory () https://github.com/znc/znc/issues/528 - Vendor Advisory
Information

Published : 2014-12-19 15:59

Updated : 2024-11-21 02:20

NVD link : CVE-2014-9403

Mitre link : CVE-2014-9403

CVE.ORG link : CVE-2014-9403

JSON object : View

Products Affected

znc

  • znc
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024