ZNC: Privilege escalation — GLSA 200903-02

A vulnerability in ZNC allows for privilege escalation.

Affected packages

net-irc/znc on all architectures
Affected versions < 0.066
Unaffected versions >= 0.066

Background

ZNC is an advanced IRC bouncer.

Description

cnu discovered multiple CRLF injection vulnerabilities in ZNC's webadmin module.

Impact

A remote authenticated attacker could modify the znc.conf configuration file and gain privileges via newline characters in e.g. the QuitMessage field, and possibly execute arbitrary code.

Workaround

There is no known workaround at this time.

Resolution

All ZNC users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-irc/znc-0.066"

References

Release date
March 06, 2009

Latest revision
March 06, 2009: 01

Severity
high

Exploitable
remote

Bugzilla entries