ALL ZNC versions prior to 0.072 have a path traversal bug in core. Users with a valid login are able to write files to all places to which ZNC has write access. This means they could upload and load new modules which do anything imaginabl Reproducible: Didn't try
please note that 0.072 had a regression which broke webadmin skins with images 0.072 shouldn't be considered being a stable version but 0.074 should be which got released today
Thanks. net-irc: Please bump to 0.074.
CVE-2009-2658 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2658): Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request.
+*znc-0.074 (12 Aug 2009) + + 12 Aug 2009; Alex Legler <a3li@gentoo.org> -znc-0.060.ebuild, + -znc-0.070.ebuild, +znc-0.074.ebuild, metadata.xml: + Non-maintainer commit: Version bump for security bug 278684. Removing + unneded vulnerable versions. Adding local "ares" USE flag for + newly-introduced support for c-ares in 0.074. +
Arches, please test and mark stable: =net-irc/znc-0.074 Target keywords : "amd64 x86"
x86 stable
amd64 stable, all arches done.
GLSA request filed.
GLSA 200909-17, thanks everyone.