DSA-2069-1 znc -- denial of serviceID: oval:org.secpod.oval:def:600035 | Date: (C)2011-01-28 (M)2022-10-10 |
Class: PATCH | Family: unix |
It was discovered that znc, an IRC bouncer, is vulnerable to denial of service attacks via a NULL pointer dereference when traffic statistics are requested while there is an unauthenticated connection. For the stable distribution , the problem has been fixed in version 0.058-2+lenny4. For the testing distribution and the unstable distribution , the problem has been fixed in version 0.090-2. We recommend that you upgrade your znc packages.