CRLF Injection Vulnerability in ZNC Webadmin
CVE-2009-0759

Currently unrated

Key Information:

Vendor

Znc

Status
Znc
Vendor
CVE Published:
3 March 2009

What is CVE-2009-0759?

ZNC versions prior to 0.066 contain multiple CRLF injection vulnerabilities in the webadmin interface. These flaws enable remote authenticated users to exploit CRLF sequences in quit messages and other input fields, resulting in potential modifications to the znc.conf configuration file. This can lead to privilege escalation and unauthorized changes within the application, compromising the overall security of the ZNC server.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/34230
third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1735
vendor-advisoryx_refsource_DEBIAN
http://www.openwall.com/lists/oss-security/2009/03/01/2
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.