Important Mageia 2024-0257 Advisory on ZNC Remote Code Execution Risk
In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK
Summary
In ZNC before 1.9.1, remote code execution can occur in modtcl via a
KICK. (CVE-2024-39844)
References
- https://bugs.mageia.org/show_bug.cgi?id=33364
- https://www.openwall.com/lists/oss-security/2024/07/03/9
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39844
Resolution
MGASA-2024-0257 - Updated znc packages fix security vulnerability
SRPMS
- 9/core/znc-1.8.2-21.1.mga9
Severity
Publication date: 05 Jul 2024
URL: https://advisories.mageia.org/MGASA-2024-0257.html
Type: security
CVE: CVE-2024-39844
