Vulnerabilities > CVE-2013-2130 - Unspecified vulnerability in ZNC 1.0

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
znc
nessus

Summary

ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp. Per: http://cwe.mitre.org/data/definitions/476.html "CWE-476: NULL Pointer Dereference"

Vulnerable Configurations

Part Description Count
Application
Znc
1

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2013-14132.NASL
    descriptionUpdate to 1.2-alpha1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2013-08-20
    plugin id69382
    published2013-08-20
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/69382
    titleFedora 19 : znc-1.2-0.1.alpha1.fc19 (2013-14132)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2013-14132.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(69382);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2013-2130");
      script_xref(name:"FEDORA", value:"2013-14132");
    
      script_name(english:"Fedora 19 : znc-1.2-0.1.alpha1.fc19 (2013-14132)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Update to 1.2-alpha1
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=968562"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2013-August/114144.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?9dfc3828"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected znc package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:znc");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:19");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2013/08/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/08/20");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^19([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 19.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC19", reference:"znc-1.2-0.1.alpha1.fc19")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "znc");
    }
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201412-31.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201412-31 (ZNC: Denial of Service) Multiple NULL pointer dereferences have been found in ZNC. Impact : A remote attacker could send a specially crafted request, possibly resulting in a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id80109
    published2014-12-19
    reporterThis script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80109
    titleGLSA-201412-31 : ZNC: Denial of Service
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2013-14123.NASL
    descriptionUpdate to 1.2-alpha1 Fix CVE-2013-2130 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2013-08-20
    plugin id69381
    published2013-08-20
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/69381
    titleFedora 18 : znc-1.2-0.1.alpha1.fc18 (2013-14123)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-013.NASL
    descriptionUpdated znc packages fix security vulnerabilities : Multiple vulnerabilities were reported in ZNC version 1.0 which can be exploited by malicious authenticated users to cause a denial of service. These flaws are due to errors when handling the editnetwork, editchan, addchan, and delchan page requests; they can be exploited to cause a NULL pointer dereference (CVE-2013-2130). Adding an already existing channel to a user/network via web admin in ZNC causes a crash if the channel name isn
    last seen2020-06-01
    modified2020-06-02
    plugin id80432
    published2015-01-09
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80432
    titleMandriva Linux Security Advisory : znc (MDVSA-2015:013)