oss-security - CVE Request: ZNC NULL Pointer Dereference

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [thread-next>] [day] [month] [year] [list]

Date: Sat, 13 Dec 2014 10:59:21 -0500
From: Sean Amoss <ackle@...too.org>
To: OSS Security List <oss-security@...ts.openwall.com>
CC: cve-assign@...re.org, security@...too.org
Subject: CVE Request: ZNC NULL Pointer Dereference

Hello,

It looks like the following issue has not received a CVE identifier as
of yet:

A NULL pointer dereference has been found in the
"CWebAdminMod::ChanPage()" function in modules/webadmin.cpp.

This was reported to Gentoo [1] by means of a Secunia advisory [2],
which in turn referenced the upstream bug request [3].

[1] https://bugs.gentoo.org/show_bug.cgi?id=507794
[2] https://secunia.com/advisories/57795/
[3] https://github.com/znc/znc/issues/528

Thanks,
Sean
-- 
Sean Amoss
Gentoo Security | GLSA Coordinator
E-Mail : ackle@...too.org
GnuPG FP : E58A AABD DD2D 03AF 0A7A 2F14 1877 72EC E928 357A

Download attachment "signature.asc" of type "application/pgp-signature" (214 bytes)

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.