oss-sec mailing list archives
CVE id request: znc
From: Florian Weimer <fw () deneb enyo de>
Date: Sun, 01 Mar 2009 18:17:45 +0100
ZNC before version 0.066 does not properly sanitize user input in configuration updates, allowing authenticated users to increase their privileges and gain shell access using a crafted POST request. <http://en.znc.in/wiki/ChangeLog/0.066>
Current thread:
- CVE id request: znc Florian Weimer (Mar 01)