Date: Sun, 01 Mar 2009 18:17:45 +0100 From: Florian Weimer <fw@...eb.enyo.de> To: oss-security@...ts.openwall.com Subject: CVE id request: znc ZNC before version 0.066 does not properly sanitize user input in configuration updates, allowing authenticated users to increase their privileges and gain shell access using a crafted POST request. <http://en.znc.in/wiki/ChangeLog/0.066>
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.