Information on source package znc

Available versions

ReleaseVersion
jessie1.4-2
jessie (security)1.4-2+deb8u1
stretch (security)1.6.5-1+deb9u1
buster1.7.1-2
sid1.7.1-2

Resolved issues

BugDescription
TEMP-0403141-57B365znc file access security hole
CVE-2018-14056ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web ...
CVE-2018-14055ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming ...
CVE-2014-9403The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC ...
CVE-2013-2130ZNC 1.0 allows remote authenticated users to cause a denial of service ...
CVE-2012-0033The CBounceDCCMod::OnPrivCTCP function in bouncedcc.cpp in the ...
CVE-2010-2934Multiple unspecified vulnerabilities in ZNC 0.092 allow remote ...
CVE-2010-2812Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of ...
CVE-2010-2488znc null pointer deref
CVE-2009-2658Directory traversal vulnerability in ZNC before 0.072 allows remote ...
CVE-2009-0759Multiple CRLF injection vulnerabilities in webadmin in ZNC before ...

Security announcements

DSA / DLADescription
DSA-4252-1znc - security update
DLA-1427-1znc - security update
DSA-2069-1znc - denial of service
DSA-1848-1znc - directory traversal
DSA-1848-1znc - directory traversal
DSA-1735-1znc - privilege escalation
DSA-1735-1znc - privilege escalation

Search for package or bug name: Reporting problems