It was discovered that znc, an IRC bouncer, is vulnerable to denial of service attacks via a NULL pointer dereference when traffic statistics are requested while there is an unauthenticated connection. For the stable distribution , the problem has been fixed in version 0.058-2+lenny4. For the testing distribution and the unstable distribution , the problem has been fixed in version 0.090-2. We recommend that you upgrade your znc packages.