CVE-2018-14055

Опубликовано: 15 июл. 2018

Источник: debian

Описание

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
znc	fixed	1.7.1-1		package

Примечания

https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e
https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d
https://www.openwall.com/lists/oss-security/2018/07/18/4

Связанные уязвимости

CVE-2018-14055

CVSS3: 6.5

ubuntu

больше 7 лет назад

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf.

CVE-2018-14055

CVSS3: 6.5

nvd

больше 7 лет назад

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf.

GHSA-jwph-8hwh-5w78

CVSS3: 6.5

github

больше 3 лет назад

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf.

openSUSE-SU-2018:2231-1

suse-cvrf

больше 7 лет назад

Security update for znc

openSUSE-SU-2018:2228-1

suse-cvrf

больше 7 лет назад

Security update for znc