stable

znc-0.072-3.el5

FEDORA-EPEL-2009-0117 created by nb 16 years ago for Fedora EPEL 5

No CVE yet, one has been requested.

Upgrade to 0.072 of ZNC, fixes security issue in bug 513152

An users data directory traversal flaw was found in the way ZNC used to handle file upload requests via Direct Client Connection (DCC) /dcc SEND messages. A remote IRC user could issue a /dcc SEND message with a specially-crafted content (file to upload), which once accepted by a local, unsuspecting ZNC user, would overwrite relevant files in the users/<user>/downloads data directory.

This update has been pushed to stable

16 years ago

Please log in to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
16 years ago
in stable
16 years ago
modified
16 years ago
Builds
1
znc-0.072-3.el5
BZ#513152 ZNC: Users data directory traversal flaw via Direct Client Connection message
0
0
znc-0.072-3.el5

Automated Test Results

Copyright © 2007-2026 Red Hat, Inc. and others.

Running bodhi-server 25.11.3 on bodhi-web-20-v5tqb.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy