Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 260148 (CVE-2009-0759) - <net-irc/znc-0.066 Privilege escalation when using webadmin (CVE-2009-0759)
Summary: <net-irc/znc-0.066 Privilege escalation when using webadmin (CVE-2009-0759)
Alias: CVE-2009-0759
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
Whiteboard: C1 [glsa]
: 259902 (view as bug list)
Depends on:
Reported: 2009-02-24 17:11 UTC by Robert Förster
Modified: 2009-03-06 22:42 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Robert Förster 2009-02-24 17:11:11 UTC
see the url for more info

Reproducible: Always
Comment 1 Conrad Kostecki gentoo-dev 2009-02-25 11:01:58 UTC
*** Bug 259902 has been marked as a duplicate of this bug. ***
Comment 2 Raúl Porcel (RETIRED) gentoo-dev 2009-02-25 18:42:43 UTC
Please stabilize =net-irc/znc-0.066
Arches: amd64 x86
Comment 3 Markus Meier gentoo-dev 2009-02-25 20:09:40 UTC
amd64/x86 stable, all arches done.
Comment 4 Robert Buchholz (RETIRED) gentoo-dev 2009-03-04 17:09:02 UTC
CVE-2009-0759 (
  Multiple CRLF injection vulnerabilities in webadmin in ZNC before
  0.066 allow remote authenticated users to modify the znc.conf
  configuration file and gain privileges via CRLF sequences in the quit
  message and other vectors.

Comment 5 Tobias Heinlein (RETIRED) gentoo-dev 2009-03-05 20:12:06 UTC
GLSA request filed.
Comment 6 Tobias Heinlein (RETIRED) gentoo-dev 2009-03-06 22:42:55 UTC
GLSA 200903-02, thanks everyone.