subject:"Bug#903787\: znc\: privilege escalation to admin permission \(injection of rogue values in znc.conf\)"

Bug#903787: znc: privilege escalation to admin permission (injection of rogue values in znc.conf)

2018-07-14 Thread Salvatore Bonaccorso

Control: retitle -1 znc: CVE-2018-14055: privilege escalation to admin permission (injection of rogue values in znc.conf) On Sat, Jul 14, 2018 at 10:01:02PM +0200, Salvatore Bonaccorso wrote: > Source: znc > Version: 1.6.5-1 > Severity: grave > Tags: patch security upstream > Justification: user

Bug#903787: znc: privilege escalation to admin permission (injection of rogue values in znc.conf)

2018-07-14 Thread Salvatore Bonaccorso

Source: znc Version: 1.6.5-1 Severity: grave Tags: patch security upstream Justification: user security hole Hi See https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d which would allow privilege e