Mageia: 2019-0262 Medium: ZNC Privilege Escalation and DoS Threats
mageia
September 12, 2019
Jeriko One discovered two vulnerabilities in the ZNC IRC bouncer which could result in privilege escalation or denial of service (CVE-2018-14055, CVE-2018-14056)
Summary
Jeriko One discovered two vulnerabilities in the ZNC IRC bouncer which
could result in privilege escalation or denial of service (CVE-2018-14055,
CVE-2018-14056).
Two vulnerabilities were discovered in the ZNC IRC bouncer which could
result in remote code execution (CVE-2019-12816) or denial of service via
invalid encoding (CVE-2019-9917).
References
- https://bugs.mageia.org/show_bug.cgi?id=23327
- https://lists.debian.org/debian-security-announce/2018/msg00181.html
- https://lists.debian.org/debian-security-announce/2019/msg00109.html
- https://www.cve.org/CVERecord?id=CVE-2018-14055
- https://www.cve.org/CVERecord?id=CVE-2018-14056
- https://www.cve.org/CVERecord?id=CVE-2019-9917
- https://www.cve.org/CVERecord?id=CVE-2019-12816
Topics Covered
Resolution
SRPMS
- 7/core/znc-1.7.4-1.mga7
- 6/core/znc-1.7.4-1.mga6
PREVIOUS
NEXT
Severity
medium
Lowest
Low
Medium
High
Critical
Publication date: 12 Sep 2019
URL: https://advisories.mageia.org/MGASA-2019-0262.html
Type: security
CVE: CVE-2018-14055,
CVE-2018-14056,
CVE-2019-9917,
CVE-2019-12816
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!