Explore top 10 tips to secure your open-source projects now. Read More
×
Arch Linux Security Advisory ASA-201807-11 ========================================= Severity: High Date : 2018-07-19 CVE-ID : CVE-2018-14055 CVE-2018-14056 Package : znc Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-737 Summary ====== The package znc before version 1.7.1-1 is vulnerable to multiple issues including privilege escalation and directory traversal. Resolution ========= Upgrade to 1.7.1-1. # pacman -Syu "znc>=1.7.1-1" The problems have been fixed upstream in version 1.7.1. Workaround ========= None. Description ========== - CVE-2018-14055 (privilege escalation) ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate privilege, inject rogue values into znc.conf, and gain shell access. - CVE-2018-14056 (directory traversal) ZNC before 1.7.1-rc1 is prone to a path traversal flaw. A non-admin user can set web skin name to ../ to access files outside of the intended skins directories and to cause DoS. Impact ===== An authenticated non-admin user is able to read arbitrary files, crash the application, escalate privileges, or execute arbitrary commands on the host. References ========= https://wiki.znc.in/ChangeLog/1.7.1 https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d https://github.com/znc/znc/commit/a4a5aeeb17d32937d8c7d743dae9a4cc755ce773 https://security.archlinux.org/CVE-2018-14055 https://security.archlinux.org/CVE-2018-14056