Vulnerability Description
Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Znc | Znc | 0.044 |
Related Weaknesses (CWE)
References
- http://en.znc.in/w/index.php?title=ZNC&oldid=3209#WARNING
- http://en.znc.in/wiki/ChangeLog/0.072PatchVendor Advisory
- http://secunia.com/advisories/35916Vendor Advisory
- http://www.debian.org/security/2009/dsa-1848
- http://www.openwall.com/lists/oss-security/2009/07/21/5
- http://znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revis
- https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00965.html
- http://en.znc.in/w/index.php?title=ZNC&oldid=3209#WARNING
- http://en.znc.in/wiki/ChangeLog/0.072PatchVendor Advisory
- http://secunia.com/advisories/35916Vendor Advisory
- http://www.debian.org/security/2009/dsa-1848
- http://www.openwall.com/lists/oss-security/2009/07/21/5
- http://znc.svn.sourceforge.net/viewvc/znc?view=rev&sortby=rev&sortdir=down&revis
- https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00965.html
FAQ
What is CVE-2009-2658?
CVE-2009-2658 is a vulnerability with a CVSS score of 7.5 (HIGH). Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request.
How severe is CVE-2009-2658?
CVE-2009-2658 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-2658?
Check the references section above for vendor advisories and patch information. Affected products include: Znc Znc.