znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a denial of service (crash) by requesting traffic statistics when there is an active unauthenticated connection, which triggers a NULL pointer dereference, as demonstrated using (1) a traffic link in the web administration pages or (2) the traffic command in the /znc shell.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Znc | Znc | 0.074 | 0.074 |
Znc | Znc | 0.044 | 0.044 |
Znc | Znc | 0.072 | 0.072 |
Znc | Znc | 0.062 | 0.062 |
Znc | Znc | 0.045 | 0.045 |
Znc | Znc | 0.052 | 0.052 |
Znc | Znc | 0.058 | 0.058 |
Znc | Znc | 0.080 | 0.080 |
Znc | Znc | 0.043 | 0.043 |
Znc | Znc | 0.056 | 0.056 |
Znc | Znc | 0.078 | 0.078 |
Znc | Znc | 0.050 | 0.050 |
Znc | Znc | * | 0.090 |
Znc | Znc | 0.034 | 0.034 |
Znc | Znc | 0.076 | 0.076 |
Znc | Znc | 0.070 | 0.070 |
Znc | Znc | 0.064 | 0.064 |
Znc | Znc | 0.068 | 0.068 |
Znc | Znc | 0.054 | 0.054 |
Znc | Znc | 0.060 | 0.060 |
Znc | Znc | 0.041 | 0.041 |
Znc | Znc | 0.047 | 0.047 |
Znc | Znc | 0.066 | 0.066 |