2012-12-14 00:57:30 |
Thomas Ward |
bug |
|
|
added bug |
2012-12-14 00:57:49 |
Thomas Ward |
nominated for series |
|
Ubuntu Hardy |
|
2012-12-14 00:57:49 |
Thomas Ward |
nominated for series |
|
Ubuntu Lucid |
|
2012-12-14 00:59:51 |
Dimitri John Ledkov |
bug task added |
|
znc (Ubuntu Lucid) |
|
2012-12-14 00:59:59 |
Dimitri John Ledkov |
bug task added |
|
znc (Ubuntu Hardy) |
|
2012-12-14 01:00:10 |
Dimitri John Ledkov |
znc (Ubuntu): status |
New |
Fix Released |
|
2012-12-14 01:01:28 |
Thomas Ward |
cve linked |
|
2010-2448 |
|
2012-12-14 01:01:44 |
Thomas Ward |
cve linked |
|
2010-2488 |
|
2012-12-14 01:02:06 |
Thomas Ward |
cve linked |
|
2010-2812 |
|
2012-12-14 01:02:25 |
Thomas Ward |
cve linked |
|
2010-2934 |
|
2012-12-14 18:13:57 |
Thomas Ward |
summary |
ZNC security report: CVEs for Lucid |
ZNC security report: CVEs for Lucid, Hardy |
|
2012-12-14 20:19:24 |
Thomas Ward |
znc (Ubuntu Lucid): assignee |
|
Thomas Ward (teward) |
|
2012-12-14 20:19:29 |
Thomas Ward |
znc (Ubuntu Lucid): status |
New |
In Progress |
|
2012-12-14 20:43:16 |
Thomas Ward |
znc (Ubuntu Hardy): assignee |
|
Thomas Ward (teward) |
|
2012-12-14 20:43:22 |
Thomas Ward |
znc (Ubuntu Hardy): status |
New |
In Progress |
|
2012-12-17 02:43:20 |
Thomas Ward |
znc (Ubuntu Lucid): status |
In Progress |
New |
|
2012-12-17 02:43:25 |
Thomas Ward |
znc (Ubuntu Lucid): assignee |
Thomas Ward (teward) |
|
|
2012-12-17 02:43:32 |
Thomas Ward |
znc (Ubuntu Hardy): status |
In Progress |
New |
|
2012-12-17 02:43:35 |
Thomas Ward |
znc (Ubuntu Hardy): assignee |
Thomas Ward (teward) |
|
|
2012-12-17 02:44:12 |
Thomas Ward |
znc (Ubuntu Lucid): status |
New |
In Progress |
|
2012-12-17 02:44:12 |
Thomas Ward |
znc (Ubuntu Lucid): assignee |
|
Thomas Ward (teward) |
|
2012-12-17 03:04:05 |
Thomas Ward |
attachment added |
|
Debdiff for znc 0.078-1 (in release) https://bugs.launchpad.net/ubuntu/lucid/+source/znc/+bug/1090195/+attachment/3461740/+files/lp1090195_lucid.debdiff |
|
2012-12-17 17:24:29 |
Thomas Ward |
description |
I plan on trying to patch these over the next few weeks or so, hence the "bug report".
Based on information found in http://people.canonical.com/~ubuntu-security/cve/pkg/znc.html, the following CVEs are unfixed in the version of ZNC on Lucid (and indirectly, on Hardy, although Hardy's codebase is old enough for any patches to not apply correctly):
CVE-2010-2448:
znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a
denial of service (crash) by requesting traffic statistics when there is an
active unauthenticated connection, which triggers a NULL pointer
dereference, as demonstrated using (1) a traffic link in the web
administration pages or (2) the traffic command in the /znc shell.
CVE-2010-2488:
denial of service bug - refer to http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929 for additional details.
CVE-2010-2812:
Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of
service (exception and daemon crash) via a PING command that lacks an
argument.
CVE-2010-2934:
Multiple unspecified vulnerabilities in ZNC 0.092 allow remote attackers to
cause a denial of service (exception and daemon crash) via unknown vectors
related to "unsafe substr() calls."
Currently supported Releases at the time of this bug report, and whether they are affected:
Hardy: Affected
Lucid: Affected (0.078-1 in release/universe)
Oneiric: Not Affected (0.098-2ubuntu1)
Precise: Not Affected (0.206-1)
Quantal: Not Affected (0.206-2)
Raring: Not Affected (1.0-1 in release/universe, 1.0-2 in proposed) |
I plan on trying to patch these over the next few weeks or so, hence the "bug report".
Based on information found in http://people.canonical.com/~ubuntu-security/cve/pkg/znc.html, the following CVEs are unfixed in the version of ZNC on Lucid (and indirectly, on Hardy, although Hardy's codebase is old enough for any patches to not apply correctly):
CVE-2010-2448:
znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a
denial of service (crash) by requesting traffic statistics when there is an
active unauthenticated connection, which triggers a NULL pointer
dereference, as demonstrated using (1) a traffic link in the web
administration pages or (2) the traffic command in the /znc shell.
CVE-2010-2488:
denial of service bug - refer to http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929 for additional details.
CVE-2010-2812:
Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of
service (exception and daemon crash) via a PING command that lacks an
argument.
CVE-2010-2934:
Multiple unspecified vulnerabilities in ZNC 0.092 allow remote attackers to
cause a denial of service (exception and daemon crash) via unknown vectors
related to "unsafe substr() calls."
Currently supported Releases at the time of this bug report, and whether they are affected:
Hardy: Affected
Lucid: Affected (0.078-1 in release/universe)
Oneiric: Not Affected (0.098-2ubuntu1)
Precise: Not Affected (0.206-1)
Quantal: Not Affected (0.206-2)
Raring: Not Affected (1.0-2) |
|
2012-12-17 17:48:26 |
Thomas Ward |
attachment removed |
Debdiff for znc 0.078-1 (in Lucid/release) https://bugs.launchpad.net/ubuntu/lucid/+source/znc/+bug/1090195/+attachment/3461740/+files/lp1090195_lucid.debdiff |
|
|
2012-12-17 18:06:44 |
Thomas Ward |
attachment added |
|
Debdiff for znc 0.078-1 (in lucid universe) https://bugs.launchpad.net/ubuntu/lucid/+source/znc/+bug/1090195/+attachment/3462295/+files/lp1090195_lucid.debdiff |
|
2012-12-17 18:35:20 |
Thomas Ward |
bug |
|
|
added subscriber Ubuntu Security Sponsors Team |
2012-12-18 00:05:01 |
Jamie Strandboge |
removed subscriber Ubuntu Security Sponsors Team |
|
|
|
2012-12-18 07:06:11 |
Thomas Ward |
attachment added |
|
Updated debdiff for znc 0.078-1 (in lucid universe), to address concerns outlined in Comment 5 https://bugs.launchpad.net/ubuntu/lucid/+source/znc/+bug/1090195/+attachment/3462728/+files/lp1090195_lucid.debdiff |
|
2012-12-18 07:07:20 |
Thomas Ward |
attachment removed |
Updated debdiff for znc 0.078-1 (in lucid universe), to address concerns outlined in Comment 5 https://bugs.launchpad.net/ubuntu/lucid/+source/znc/+bug/1090195/+attachment/3462728/+files/lp1090195_lucid.debdiff |
|
|
2012-12-18 07:16:56 |
Thomas Ward |
attachment added |
|
Updated debdiff for znc 0.078-1 (in lucid universe), to address concerns outlined in Comment 5 https://bugs.launchpad.net/ubuntu/lucid/+source/znc/+bug/1090195/+attachment/3462730/+files/lp1090195_lucid.debdiff |
|
2012-12-18 13:53:56 |
Jamie Strandboge |
znc (Ubuntu Hardy): status |
New |
Incomplete |
|
2012-12-18 13:54:47 |
Jamie Strandboge |
znc (Ubuntu Lucid): status |
In Progress |
Fix Committed |
|
2012-12-18 22:42:12 |
Launchpad Janitor |
znc (Ubuntu Lucid): status |
Fix Committed |
Fix Released |
|
2012-12-18 23:13:51 |
Launchpad Janitor |
branch linked |
|
lp:~ubuntu-branches/ubuntu/lucid/znc/lucid-security |
|
2013-11-12 21:19:15 |
Jamie Strandboge |
znc (Ubuntu Hardy): status |
Incomplete |
Won't Fix |
|