Control: retitle -1 znc: CVE-2018-14055: privilege escalation to admin
permission (injection of rogue values in znc.conf)
On Sat, Jul 14, 2018 at 10:01:02PM +0200, Salvatore Bonaccorso wrote:
> Source: znc
> Version: 1.6.5-1
> Severity: grave
> Tags: patch security upstream
> Justification: user
Source: znc
Version: 1.6.5-1
Severity: grave
Tags: patch security upstream
Justification: user security hole
Hi
See
https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e
https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d
which would allow privilege e
2 matches
Mail list logo