Vulnerabilities > CVE-2012-0033 - Resource Management Errors vulnerability in ZNC Znc-Msvc 0.200/0.202
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The CBounceDCCMod::OnPrivCTCP function in bouncedcc.cpp in the bouncedcc module in ZNC 0.200 and 0.202 allows remote attackers to cause a denial of service (crash) via a crafted DCC RESUME request.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Common Weakness Enumeration (CWE)
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2012-0917.NASL description Upgrade to 0.204, add init script for EPEL Update to 0.204 to fix CVE-2012-0033 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-02-10 plugin id 57881 published 2012-02-10 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57881 title Fedora 15 : znc-0.204-3.fc15 (2012-0917) NASL family Fedora Local Security Checks NASL id FEDORA_2012-0921.NASL description Upgrade to 0.204, add init script for EPEL Update to 0.204 to fix CVE-2012-0033 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-02-13 plugin id 57898 published 2012-02-13 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57898 title Fedora 16 : znc-0.204-3.fc16 / znc-infobot-0.204-1.fc16 (2012-0921)
References
- http://lists.opensuse.org/opensuse-updates/2015-11/msg00023.html
- http://secunia.com/advisories/47387
- http://www.openwall.com/lists/oss-security/2012/01/10/1
- http://www.securityfocus.com/bid/51328
- https://github.com/znc/znc/commit/11508aa72efab4fad0dbd8292b9614d9371b20a9#modules/bouncedcc.cpp
- http://lists.opensuse.org/opensuse-updates/2015-11/msg00023.html
- https://github.com/znc/znc/commit/11508aa72efab4fad0dbd8292b9614d9371b20a9#modules/bouncedcc.cpp
- http://www.securityfocus.com/bid/51328
- http://www.openwall.com/lists/oss-security/2012/01/10/1
- http://secunia.com/advisories/47387