Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Gentoo: 200903-02 High Severity: ZNC Privilege Escalation Risk

gentoo
Calendar Grey March 6, 2009
Dist Gentoo Esm H88
Investigate the critical ZNC privilege escalation vulnerability found in Gentoo, encompassing specifics of the exploit and measures for mitigation.
A vulnerability in ZNC allows for privilege escalation.

Summary

Gentoo Linux Security Advisory GLSA 200903-02 https://security.gentoo.org/ Severity: High Title: ZNC: Privilege escalation Date: March 06, 2009 Bugs: #260148 ID: 200903-02

Synopsis ======= A vulnerability in ZNC allows for privilege escalation.
Background ========= ZNC is an advanced IRC bouncer.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-irc/znc < 0.066 >= 0.066
========== cnu discovered multiple CRLF injection vulnerabilities in ZNC's webadmin module.
Impact ===== A remote authenticated attacker could modify the znc.conf configuration file and gain privileges via newline characters in e.g. the QuitMessage field, and possibly execute arbi...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory high severity security issue gentoo privilege escalation configuration exploit ZNC

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory high severity security issue gentoo privilege escalation configuration exploit ZNC

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here