VYPR
← All advisories
Unrated severityNVD Advisory· Published Jul 12, 2010· Updated Apr 29, 2026

CVE-2010-2448

CVE-2010-2448

Description

znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a denial of service (crash) by requesting traffic statistics when there is an active unauthenticated connection, which triggers a NULL pointer dereference, as demonstrated using (1) a traffic link in the web administration pages or (2) the traffic command in the /znc shell.

Affected products

23
  • Znc/Znc23 versions
    cpe:2.3:a:znc:znc:*:*:*:*:*:*:*:*+ 22 more
    • cpe:2.3:a:znc:znc:*:*:*:*:*:*:*:*range: <=0.090
    • cpe:2.3:a:znc:znc:0.034:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.041:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.043:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.044:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.045:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.047:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.050:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.052:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.054:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.056:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.058:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.060:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.062:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.064:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.066:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.068:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.070:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.072:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.074:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.076:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.078:*:*:*:*:*:*:*
    • cpe:2.3:a:znc:znc:0.080:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

11

News mentions

0

No linked articles in our index yet.