CVE-2010-2448 - CERT CVE
ID CVE-2010-2448
Sažetak znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a denial of service (crash) by requesting traffic statistics when there is an active unauthenticated connection, which triggers a NULL pointer dereference, as demonstrated using (1) a traffic link in the web administration pages or (2) the traffic command in the /znc shell.
Reference
CVSS
Base: 3.5
Impact: 2.9
Exploitability:6.8
Pristup
VektorSloženostAutentikacija
NETWORK MEDIUM SINGLE
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE PARTIAL
CVSS vektor AV:N/AC:M/Au:S/C:N/I:N/A:P
Zadnje važnije ažuriranje 12-07-2010 - 17:30
Objavljeno 12-07-2010 - 17:30