3.5

CVE-2010-2448

znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a denial of service (crash) by requesting traffic statistics when there is an active unauthenticated connection, which triggers a NULL pointer dereference, as demonstrated using (1) a traffic link in the web administration pages or (2) the traffic command in the /znc shell.

Data is provided by the National Vulnerability Database (NVD)
ZncZnc Version <= 0.090
ZncZnc Version0.034
ZncZnc Version0.041
ZncZnc Version0.043
ZncZnc Version0.044
ZncZnc Version0.045
ZncZnc Version0.047
ZncZnc Version0.050
ZncZnc Version0.052
ZncZnc Version0.054
ZncZnc Version0.056
ZncZnc Version0.058
ZncZnc Version0.060
ZncZnc Version0.062
ZncZnc Version0.064
ZncZnc Version0.066
ZncZnc Version0.068
ZncZnc Version0.070
ZncZnc Version0.072
ZncZnc Version0.074
ZncZnc Version0.076
ZncZnc Version0.078
ZncZnc Version0.080
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 1.25% 0.774
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 3.5 6.8 2.9
AV:N/AC:M/Au:S/C:N/I:N/A:P