znc: Fix for CVE-2013-2130 (c1094b8a) · Commits · poplar / meta-openembedded

Commit c1094b8a authored Jul 28, 2014 by

Xufeng Zhang Committed by Joe MacDonald Aug 05, 2014

znc: Fix for CVE-2013-2130

ZNC 1.0 allows remote authenticated users to cause a denial of service
(NULL pointer reference and crash) via a crafted request to the (1) editnetwork,
(2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp.
Per: http://cwe.mitre.org/data/definitions/476.html


CWE-476: NULL Pointer Dereference

Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>

parent 71bb2dc7

Hide whitespace changes

Inline Side-by-side

Please register or to comment

Admin message

znc: Fix for CVE-2013-2130