znc: arbitrary file overwrite
| Package(s): | znc | CVE #(s): | CVE-2009-2658 | ||||
| Created: | September 14, 2009 | Updated: | September 16, 2009 | ||||
| Description: | From the Gentoo advisory: he vendor reported a directory traversal vulnerability when processing DCC SEND requests. A remote, authenticated user could send a specially crafted DCC SEND request to overwrite arbitrary files with the privileges of the user running ZNC, and possibly cause the execution of arbitrary code e.g. by uploading a malicious ZNC module. | ||||||
| Alerts: |
| ||||||