CVE-2012-0033
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The CBounceDCCMod::OnPrivCTCP function in bouncedcc.cpp in the bouncedcc module in ZNC 0.200 and 0.202 allows remote attackers to cause a denial of service (crash) via a crafted DCC RESUME request.
La función CBounceDCCMod::OnPrivCTCP en bouncedcc.cpp en el módulo bouncedcc en ZNC 0.200 y 0.202 permite a atacantes remotos provocar una denegación de servicio (caída) a través de una petición DCC RESUME manipulada.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-12-07 CVE Reserved
- 2014-04-08 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2012/01/10/1 | Mailing List |
|
| http://www.securityfocus.com/bid/51328 | Vdb Entry | |
| https://github.com/znc/znc/commit/11508aa72efab4fad0dbd8292b9614d9371b20a9#modules/bouncedcc.cpp | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-updates/2015-11/msg00023.html | 2016-12-08 | |
| http://secunia.com/advisories/47387 | 2016-12-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Znc Search vendor "Znc" | Znc-msvc Search vendor "Znc" for product "Znc-msvc" | 0.200 Search vendor "Znc" for product "Znc-msvc" and version "0.200" | - |
Affected
| ||||||
| Znc Search vendor "Znc" | Znc-msvc Search vendor "Znc" for product "Znc-msvc" | 0.202 Search vendor "Znc" for product "Znc-msvc" and version "0.202" | - |
Affected
| ||||||