Vulnerabilities > CVE-2014-9403 - Denial of Service vulnerability in ZNC 'CWebAdminMod::ChanPage()' Function
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a "use-after-delete" error. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>
Vulnerable Configurations
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201412-31.NASL description The remote host is affected by the vulnerability described in GLSA-201412-31 (ZNC: Denial of Service) Multiple NULL pointer dereferences have been found in ZNC. Impact : A remote attacker could send a specially crafted request, possibly resulting in a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 80109 published 2014-12-19 reporter This script is Copyright (C) 2014-2015 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80109 title GLSA-201412-31 : ZNC: Denial of Service NASL family SuSE Local Security Checks NASL id OPENSUSE-2015-845.NASL description Znc was updated to 1.6.2 to fix one security issue. The following vulnerability was fixed : - CVE-2014-9403: Remote unauthenticated users could cause denial of service via channel creation. [boo#956254] Also contains all bug fixes in the 1.6.2 release. last seen 2020-06-05 modified 2015-12-02 plugin id 87166 published 2015-12-02 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/87166 title openSUSE Security Update : znc (openSUSE-2015-845) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2015-013.NASL description Updated znc packages fix security vulnerabilities : Multiple vulnerabilities were reported in ZNC version 1.0 which can be exploited by malicious authenticated users to cause a denial of service. These flaws are due to errors when handling the editnetwork, editchan, addchan, and delchan page requests; they can be exploited to cause a NULL pointer dereference (CVE-2013-2130). Adding an already existing channel to a user/network via web admin in ZNC causes a crash if the channel name isn last seen 2020-06-01 modified 2020-06-02 plugin id 80432 published 2015-01-09 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/80432 title Mandriva Linux Security Advisory : znc (MDVSA-2015:013)
References
- http://advisories.mageia.org/MGASA-2014-0543.html
- http://secunia.com/advisories/57795
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:013
- http://www.openwall.com/lists/oss-security/2014/12/18/2
- http://www.securityfocus.com/bid/66926
- https://github.com/znc/znc/blob/master/ChangeLog.md
- https://github.com/znc/znc/issues/528